Thread: Pf problem
Old 24th May 2011
jggimi
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,977

You should not remove the block all -- it provides a "default deny" rule.

Keep in mind:

1) If a "quick" rule is matched, that rule wins. All PF analysis stops right there, with that pass or block.

2) If a rule does not have "quick", the last rule to match wins. Your block all does not have quick, and it will always match.

-----------------------

Test your network firewall from OUTSIDE the net. Your test, conducted from the inside, was against 192.168.2.113, from somewhere else on your 192.168.2.x subnet, I assume. It is therefore not a valid test.

You may want to add "log" options to all of your rules, so you can log those things you permit as well as those you deny for later analysis with netstat(1).

Active states can be monitored with systat(1), also.
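To make the two evaluation rules above concrete, here is a small added example (not part of the thread and not pf's own code) that models how pf walks a ruleset: the last matching rule wins, a matching "quick" rule ends evaluation immediately, and a packet that matches no rule at all is passed, which is pf's documented default. The ruleset, the packet fields and the `Rule`/`evaluate` names are constructed for illustration; the `log` flag only records whether the winning rule would have logged the packet.

```python
"""Toy model of pf rule matching (constructed example, not pf's code)."""
from dataclasses import dataclass
from typing import List, NamedTuple, Optional


@dataclass
class Rule:
    """One simplified pf rule. None in a field means 'any'."""
    action: str                     # "pass" or "block"
    quick: bool = False             # "quick": stop evaluating on match
    direction: Optional[str] = None  # "in", "out" or None for both
    proto: Optional[str] = None      # "tcp", "udp" or None for any
    dst_port: Optional[int] = None   # destination port or None for any
    log: bool = False                # "log" keyword on the rule

    def matches(self, pkt: dict) -> bool:
        return (
            (self.direction is None or self.direction == pkt["dir"])
            and (self.proto is None or self.proto == pkt["proto"])
            and (self.dst_port is None or self.dst_port == pkt["dport"])
        )


class Decision(NamedTuple):
    action: str                  # final verdict for the packet
    rule_index: Optional[int]    # index of the winning rule, None if no match
    logged: bool                 # whether the winning rule carries "log"


def evaluate(rules: List[Rule], pkt: dict) -> Decision:
    """Walk the ruleset the way pf does.

    Every matching rule overrides the previous winner (last match wins),
    except that a matching rule with "quick" ends evaluation on the spot.
    If nothing matches, pf's default action is to pass the packet.
    """
    winner: Optional[Decision] = None
    for i, rule in enumerate(rules):
        if rule.matches(pkt):
            winner = Decision(rule.action, i, rule.log)
            if rule.quick:
                break
    return winner if winner is not None else Decision("pass", None, False)


# Constructed ruleset in the spirit of the thread: a "block log all"
# default deny first, then more specific rules after it.
RULESET = [
    Rule("block", log=True),                                         # 0: block log all
    Rule("pass", quick=True, direction="in", proto="tcp",
         dst_port=80, log=True),                                     # 1: pass in quick log ... port 80
    Rule("block", direction="in", proto="tcp", dst_port=80),         # 2: later, but never reached for port 80
    Rule("pass", direction="out", log=True),                         # 3: pass out log
]

# Same ruleset with the "block all" removed, as the original poster intended.
RULESET_NO_DEFAULT_DENY = RULESET[1:]

# Constructed sample packets.
HTTP_IN = {"dir": "in", "proto": "tcp", "dport": 80}
DNS_IN = {"dir": "in", "proto": "udp", "dport": 53}
HTTPS_OUT = {"dir": "out", "proto": "tcp", "dport": 443}


if __name__ == "__main__":
    for name, pkt in (("http in", HTTP_IN), ("dns in", DNS_IN), ("https out", HTTPS_OUT)):
        with_deny = evaluate(RULESET, pkt)
        without_deny = evaluate(RULESET_NO_DEFAULT_DENY, pkt)
        print(f"{name:10s} with block all: {with_deny.action:5s} (rule {with_deny.rule_index})"
              f"  without: {without_deny.action:5s} (rule {without_deny.rule_index})")
```

Running it shows the point of the post: inbound HTTP is passed by the quick rule even though a later block rule would otherwise have won, outbound traffic is passed by the last matching rule, and unsolicited inbound DNS is blocked only while the `block all` rule is present; remove it and the same packet falls through to pf's default pass.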