View Single Post
  #2   (View Single Post)  
Old 30th January 2009
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,128
Default

Those rules don't make an OBSD firewall stealth. Making sure that the block policy is drop does
An alternative could be to use a bridge, where the 2 interfaces have no IP addresses but where you still can filter traffic.

BTW keep state already has been the default for several releases, and thus does not need to be specified anymore
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote