View Single Post
  #1   (View Single Post)  
Old 25th May 2010
mikesg's Avatar
mikesg mikesg is offline
I can has a title?
 
Join Date: Aug 2009
Posts: 28
Default match vs pass (changes in 4.7), and inet vs inet proto

I've upgraded one of my firewalls to 4.7 and have revised a few of the 'rdr pass' rules to reflect the syntax changes introduced in 4.7, but I'm not quite understanding why or when it would be appropriate to use match over pass in port redirection. Could someone enlighten me a bit? I've read the pf.conf man page but do better with practical examples when it comes to understanding concepts.

Also, I've read through the pf FAQ and man page trying to find out more about the inet declaration in the rules. I understand this is an address family, but the docs don't speak of it (that I can find) beyond that. In the pf FAQ I see example rules using it and others not in spite of these rules looking very similar, but don't understand why. Oops, the post title should have read "proto vs inet proto".

Thanks for any responses.
__________________
Mike

Last edited by mikesg; 25th May 2010 at 04:56 AM.
Reply With Quote