Quote:
Originally Posted by jggimi
"proto" refers to protocols within IPv4 or IPv6, such as ICMP, ESP, or TCP. A fairly complete list is found in /etc/protocols.
If your rule does not have an explicit family, it refers to both IPv4 and IPv6. If it has one, it is limited to that family.
In addition, a point not obvious for beginners (and even some experienced users!):
If you issue the command "pfctl -vv -sr |less" you will see things like the fact that a rule that doesn't contain an inet or inet6 will expand to two rules, one for each.
You'll probably get some extra clues about other operations from that command and its relatives. (man pfctl)