You can use the ($int_if) for traffic terminating on the firewall. Any traffic going through to another host needs to have the destination defined.
Could you include a complete copy (sanitized, of course) of your pf.conf file? There might be something else at work but it's hard to tell without the file.

Kind Regards,
Mike

On 12/25/09 8:13 AM, "Dánielisz László" <[email protected]> wrote:

> I am using "($int_if)" for ports 22, 80 too and they are working like a charm.
> This is how I defined it in my pf.conf:
> int_if="rl0"
>
> Right now I cannot try it, but when I'm able to I'll try your idea and then I
> will let you know how it works.
>
> Thank you!
>
> ________________________________
> From: Anh Ky Huynh <[email protected]>
> To: Dánielisz László <[email protected]>
> Cc: [email protected]
> Sent: Fri, December 25, 2009 2:06:24 PM
> Subject: Re: pf vs. afp
>
> On Fri, 25 Dec 2009 04:33:03 -0800 (PST)
> Dánielisz László <[email protected]> wrote:
>
>> Hello,
>>
>> I have been struggling for a while with how to deal with afp/netatalk
>> passing through my pf rules. If I disable pf everything is working
>> great (but I still do want a firewall on my server). I tried the
>> following rule but it still doesn't let me in:
>>
>> pass in log on $int_if inet proto { tcp, udp } from $localnet to
>> ($int_if) port=548 flags S/SA keep state
>
> I think the problem is "($int_if)". You should use, e.g.,
>
> from $localnet to 192.168.1.123
>
>> When I try a telnet on port 548 I get "Operation timed out"; in
>> pflog I can see that my Mac tries to connect but I have no clue why
>> it can't when the corresponding port is open. Do you have any idea?
>
> Regards,
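The distinction made in the reply at the top of this thread, written out as a pf.conf fragment. This is an added example, not taken from any poster's configuration; the definition of `localnet` and the `afp_host` address (a constructed value from the documentation range) are assumptions.

```pf
# Added example. Only int_if="rl0" comes from the thread; the rest is assumed.
int_if   = "rl0"
localnet = $int_if:network   # assumed definition; the thread does not show it
afp_host = "192.0.2.10"      # constructed address of an AFP server behind the firewall

# Case 1: netatalk runs on the firewall itself.
# ($int_if) expands to the addresses currently assigned to rl0, so this
# rule matches only connections that terminate on the firewall.
pass in log on $int_if inet proto { tcp, udp } from $localnet \
    to ($int_if) port 548 flags S/SA keep state

# Case 2: the AFP server is another host reached through the firewall.
# The destination must be that host's address, not ($int_if).
pass in log on $int_if inet proto { tcp, udp } from $localnet \
    to $afp_host port 548 flags S/SA keep state
```

`pfctl -nf /etc/pf.conf` parses the ruleset without loading it, which catches syntax errors before the rules go live.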
