On 25 Jun 2018, at 22:12, Joseph Ward wrote:
My current pf.conf contains the following lines (with a lot of other
stuff redacted for irrelevance):

ext_if="em0"
...
block log all
pass in on $ext_if proto tcp from any to any port 22 flags S/SA keep state


and it works great; ssh is able to get in.  However, when I change
"$ext_if" to "egress", it no longer works.  From the various
documentation I've found online, egress should automatically be the
interface which has the default route, and netstat -rn gives me:

‘egress’ exists in OpenBSD’s pf, but not in FreeBSD.

My goal is for this pf.conf to be able to be used on multiple systems
which unfortunately have different network cards, so the interface names
are different.  If "egress" isn't going to work, is there another way to
accomplish that goal?

You could rename your network card (ifconfig em0 name foo). That’d let you hide the difference from pf (but you’d have to cope with it in /etc/rc.conf)

Regards,
Kristof
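
One way to apply the renaming suggestion above on hosts with different network cards, as an added example that is not part of the original thread. It assumes the external interface is the one carrying the default route, uses the hypothetical stable name `ext0`, and relies on the `ifconfig_<interface>_name` setting in /etc/rc.conf to make the rename persistent; the sample route output is constructed.

```shell
#!/bin/sh
# Added example. Goal: every host renames its external NIC to one stable
# name at boot, so the shared pf.conf can say ext_if="ext0" everywhere.

STABLE_NAME="ext0"   # hypothetical name chosen for this example

# Read `route -n get default` output on stdin, print the interface name.
default_route_if() {
    awk '$1 == "interface:" { print $2; exit }'
}

# Print the per-host rc.conf line that renames the given NIC at boot.
# Prints nothing if the NIC already has the stable name; fails on an
# empty or odd name so nothing unexpected is written into rc.conf.
rc_conf_lines() {
    _nic=$1
    case $_nic in
        ''|*[!A-Za-z0-9_]*)
            echo "unexpected interface name: '$_nic'" >&2
            return 1 ;;
    esac
    if [ "$_nic" = "$STABLE_NAME" ]; then
        return 0
    fi
    printf 'ifconfig_%s_name="%s"\n' "$_nic" "$STABLE_NAME"
}

# Constructed sample of `route -n get default` output (not from a real host).
SAMPLE_ROUTE='   route to: default
destination: default
       mask: default
    gateway: 192.0.2.1
        fib: 0
  interface: em0
      flags: <UP,GATEWAY,DONE,STATIC>'

# Demo on the sample. On a real host, feed the live output instead:
#   route -n get default | default_route_if
nic=$(printf '%s\n' "$SAMPLE_ROUTE" | default_route_if)
rc_conf_lines "$nic"
```

After the rename, the remaining interface settings in /etc/rc.conf are written against the new name (for example `ifconfig_ext0="DHCP"`), and the pf.conf macro becomes `ext_if="ext0"` on every host.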