I am just now starting to understand how the tags work. The tags look like a very good idea! I will probably add them very soon to my rules.
When I look at the pflog0 device, it is cluttered very badly with DHCP, BootP and IGMP queries from my ISP.
When I run
it has a very big flow of information.
You've helped out so much; can I pick your brain with one more question? I think this will help me get a better understanding overall of how pf works.
I have an ftpd set up inside of a jail. It is set up to use passive and ports 30000 to 50000. I have all of my nat with rdr set up correctly, and with the firewall set to pass in all and pass out all it works flawlessly. Once I set up the firewall to block all, it breaks the ftpd.
I have my int_if set to 10.1.10.1 and am using 10.1.10.10 for the ftpd jail. I have port 21 and 30000:50000 -> 10.1.10.1
I've been struggling trying to get this to work. I am also having a hard time finding an example searching Google. Most just use an ftp proxy. I know that I could set one up but would rather learn this first.