- I wonder how you can visit your website when you are not allowing out DNS traffic (udp) on port 53.
Code:
block log all
pass out on egress proto icmp all icmp-type { echoreq unreach }
pass out on egress proto tcp from $me to $mywebsite port 80
- You are not interpreting the directions, as seen by pf, correctly.
pf sees the directions IN and OUT as in this diagram:
Code:
   INTERNET
       |
       |
 OUT   |   IN
  |    |    |
 /|\   |    |
  |    |   \|/
  |    |    |
-------|------------
     pppoe
  11.22.33.44
---------------------
That is why your redirection will never take place.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
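
The DNS point raised in the post above can be checked with a simplified model of pf's filter evaluation (rules read top to bottom, last match wins when no rule uses `quick`). This is an added example, not code from the thread and not pf itself; the addresses, the `DNS_RULE` fix and the helper names are assumptions made for the illustration.

```python
# Simplified model of pf filter evaluation (added illustration, not pf itself).
# Every packet here is assumed to cross the egress interface; state tracking is not modeled.
ME = "192.0.2.10"            # constructed value for $me
MYWEBSITE = "198.51.100.80"  # constructed value for $mywebsite

def rule(action, **criteria):
    """Build a rule; any criterion left out means 'any'."""
    return {"action": action, **criteria}

# The three rules quoted in the post.
RULES = [
    rule("block"),                                                       # block log all
    rule("pass", dir="out", proto="icmp", icmp_type={"echoreq", "unreach"}),
    rule("pass", dir="out", proto="tcp", src=ME, dst=MYWEBSITE, port=80),
]

# Hypothetical rule allowing outbound DNS queries (not from the thread).
DNS_RULE = rule("pass", dir="out", proto="udp", src=ME, port=53)

def matches(r, pkt):
    """True when every criterion in the rule agrees with the packet."""
    for key, want in r.items():
        if key == "action":
            continue
        have = pkt.get(key)
        if isinstance(want, set):
            if have not in want:
                return False
        elif have != want:
            return False
    return True

def evaluate(rules, pkt):
    """Without 'quick', the last matching rule decides; no match means pass."""
    verdict = "pass"
    for r in rules:
        if matches(r, pkt):
            verdict = r["action"]
    return verdict

# Constructed sample packets.
DNS_QUERY = {"dir": "out", "proto": "udp", "src": ME, "dst": "203.0.113.53", "port": 53}
HTTP_OUT = {"dir": "out", "proto": "tcp", "src": ME, "dst": MYWEBSITE, "port": 80}
PING_OUT = {"dir": "out", "proto": "icmp", "src": ME, "dst": MYWEBSITE, "icmp_type": "echoreq"}
HTTP_IN = {"dir": "in", "proto": "tcp", "src": "203.0.113.7", "dst": ME, "port": 80}

if __name__ == "__main__":
    for name, pkt in [("dns", DNS_QUERY), ("http", HTTP_OUT), ("ping", PING_OUT), ("in", HTTP_IN)]:
        print(name, evaluate(RULES, pkt), evaluate(RULES + [DNS_RULE], pkt))
```

With the quoted ruleset the DNS query only ever matches `block log all`, so name resolution fails before the port 80 rule is reached; the inbound packet shows that the `pass out` rules never apply to traffic pf sees as IN.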