Old 9th October 2017
jggimi

Hello, and welcome!

Let's diagnose your problem by looking at the rule set you copied and pasted from the FAQ:
block all
pass in on egress proto tcp from any to egress port www
  • The first rule blocks all traffic.
  • The second rule passes traffic to a web server listening for incoming traffic on this computer.
  • No other traffic is permitted to pass.
You aren't running a web server.

PF is a wonderful tool. It really is. But in order to successfully use it, you need to have an understanding of how communications over computer networks are conducted, and how the applications you want to use -- such as browsing the web -- actually communicate. If you don't have this knowledge, then PF won't be a useful tool. Blindly copying and pasting, then hoping for success, will be a frustrating experience.

Peter Hansteen, the author of The Book of PF, always starts his tutorial sessions by having his audience stand and recite the following Pledge of the Network Admin.
This is my network.

It is mine
or technically my employer’s,
it is my responsibility
and I care for it with all my heart

There are many other networks a lot like mine,
but none are just like it.

I solemnly swear
that I will not mindlessly paste from HOWTOs.
Along with his terrific book -- and his tutorial sessions he offers at BSD user group meetings -- Peter offers a free, online tutorial located here:

If you'd like to learn more about networking than you may know today, I recommend Networking for Systems Administrators by Michael W. Lucas.

(I own both books.)
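Added example, not part of jggimi's post: a simplified Python model of PF's last-matching-rule-wins evaluation, showing why the quoted rule set blocks outbound browsing while passing inbound web-server traffic. The `CLIENT` rule set, the sample packets and all names are assumptions made for illustration; the model ignores addresses, interfaces and state tracking.

```python
# Simplified model of PF rule evaluation (illustration only, not PF's code).
# It models direction, protocol, destination port and "last match wins".
from dataclasses import dataclass
from typing import Optional, Tuple

@dataclass(frozen=True)
class Rule:
    action: str                      # "block" or "pass"
    direction: Optional[str] = None  # "in", "out", or None for both
    protos: Tuple[str, ...] = ()     # empty tuple means any protocol
    dports: Tuple[int, ...] = ()     # empty tuple means any port
    text: str = ""                   # the pf.conf line this rule stands for

@dataclass(frozen=True)
class Packet:
    direction: str
    proto: str
    dport: int

def matches(rule, pkt):
    return ((rule.direction is None or rule.direction == pkt.direction)
            and (not rule.protos or pkt.proto in rule.protos)
            and (not rule.dports or pkt.dport in rule.dports))

def evaluate(ruleset, pkt):
    """Return (action, rule text) of the LAST matching rule; no match means pass."""
    verdict = ("pass", "(implicit default)")
    for rule in ruleset:
        if matches(rule, pkt):
            verdict = (rule.action, rule.text)
    return verdict

# The two rules quoted in the post.
POSTED = [
    Rule("block", text="block all"),
    Rule("pass", "in", ("tcp",), (80,),
         "pass in on egress proto tcp from any to egress port www"),
]
# Hypothetical rule set for a machine that only browses the web (assumed goal).
CLIENT = [
    Rule("block", text="block all"),
    Rule("pass", "out", ("tcp", "udp"), (53,), "pass out on egress proto { tcp udp } to port domain"),
    Rule("pass", "out", ("tcp",), (80, 443), "pass out on egress proto tcp to port { www https }"),
]
# Constructed sample packets: the first packet of each conversation.
SAMPLES = {"browser to remote site": Packet("out", "tcp", 443),
           "DNS lookup": Packet("out", "udp", 53),
           "remote client to local web server": Packet("in", "tcp", 80)}

def report(ruleset):
    return {name: evaluate(ruleset, pkt)[0] for name, pkt in SAMPLES.items()}
```

Calling `report(POSTED)` and `report(CLIENT)` shows the two rule sets reaching opposite verdicts on the same three packets, which is the difference between rules written for a server and rules written for a client.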