Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 24th July 2010
sousa sousa is offline
New User
Join Date: Jan 2009
Posts: 3
Default Inline nested anchors issue


I've been playing with anchors and ran into an issue.

 --------                               ------
|        |wpi0                     ath0|      |
| Laptop |-----------------------------|  AP  |
|        ||      |
 --------                               ------
With this pf.conf on the access point, I can ping ath0 from a wireless client. The client has pf disabled.

set block-policy return
set skip on lo

block all
anchor "wireless" on ath0 {
    pass in all
If I [only] change the anchor as shown below, it still works.

anchor in {
    pass in all
When I nest anchors, it stops working.
anchor "wireless" on ath0 {
    anchor in {
        pass in all
I'm unsure on whether this is a bug or if I'm missing something.
I did not try this on -current, only on 4.7-stable.

Any pointers/insights?

Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
pfctl anchors manipulation clarification on 4.7 sgeorge OpenBSD Security 0 2nd July 2010 05:16 AM
PPPD issue. Tom NetBSD General 4 26th August 2009 03:59 PM
FFS permission issue marc OpenBSD General 2 2nd February 2009 07:31 PM
Possible SMP Issue? MetalHead OpenBSD General 1 25th November 2008 03:52 AM
RAM issue nikkon FreeBSD General 5 7th May 2008 04:26 AM

All times are GMT. The time now is 10:49 PM.

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick