9th September 2009
jggimi

I just noticed that these various pf.conf rule sets only have one NIC, $ext_if (re0). Assuming, for the moment, that there is a second NIC, there are no pass in rules for its traffic. All traffic initiated on a local LAN (assuming there is one) will be blocked, except for the limited set of ICMP traffic added to your second pf.conf example.