|
OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below. |
|
Thread Tools | Display Modes |
|
|||
packet filter configuration.
# MACROS
vm_ether = "vic0" friends = "{ 87.248.113.14, 129.128.5.191, 209.85.175.147 }" # DEFAULT DENY block in on $vm_ether all pass in on $vm_ether from $friends to any #block out all I had the filtering rules above and it should block the incoming packets from any IP addresses except from the macros friends but i still able to get ping reply packets other from $friends. Why? |
|
||||
pf creates state by default. By pinging other hosts, you are creating state that allows the replies back in.
Edit: http://www.openbsd.org/faq/pf/filter.html#state
__________________
The only dumb question is a question not asked. The only dumb answer is an answer not given. Last edited by robbak; 23rd October 2008 at 08:57 AM. |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
sshguard and packet filter | sputnik | OpenBSD Security | 0 | 18th April 2009 02:11 PM |
Packet Sniffer for OpenBSD. | bsdnewbie999 | OpenBSD General | 6 | 26th October 2008 02:28 AM |
vr0: rx packet lost | tutosun | FreeBSD General | 4 | 13th September 2008 10:13 AM |
question about Packet Filter (pf) | milo974 | OpenBSD Security | 2 | 31st July 2008 01:39 PM |