[BSD-INDIA] pf_Tables
M E
manpages at yahoo.com
Tue Nov 3 15:06:42 UTC 2009
Hello guys, can anyone tell me why the pfctl -t blockips -T show -v command is not showing me the blocked IPs? Here is my packet filter configuration file:
################ Macros ###################################
# macro for the interface names
ext_if = "rl0"
int_if = "fxp0"
################ Tables ####################################
table <blockedips> persist file "/etc/pf.blocked.ip.conf"
################ Options ##################################
set optimization aggressive
set loginterface $ext_if
set block-policy drop
set require-order yes
################ Normalization ############################
scrub on $ext_if all random-id min-ttl 254 max-mss 1452 reassemble tcp fragment reassemble
#My edit
rdr on $ext_if proto tcp from any to any port 80 -> 127.0.0.1 port 9828
# loopback
antispoof log quick for lo0 inet
pass quick on lo0 all
#my code
block drop in log (all) quick on $ext_if from <blockedips> to any
Thanks
Matt