thanks everyone, problems fixed.
I love you guys.
On 10/11/05, John Kintaro Tate <[EMAIL PROTECTED]> wrote:
> There is something wrong with my rules file, and I cant find the problem.
>
> pf.conf...
> # $OpenBSD: pf.conf,v 1.28 2004/04/29 21:03:09 frantzen Exp $
> #
> # See pf.conf(5) and /usr/share/pf for syntax and examples.
> # Remember to set net.inet.ip.forwarding=1 and/or net.inet6.ip6.forwarding=1
> # in /etc/sysctl.conf if packets are to be forwarded between interfaces.
>
> localaddr = "{192.168.0.4 127.0.0.1}"
> localhosts = "192.168.0.0/24"
> allowedusers = "{x11, root, named, _portmap, www}"
> if = "xl0"
>
> altq on $if cbq bandwidth 100Mb queue { all, local, http, ssh, rsets }
>
> queue all bandwidth 32Kb proirity 1
> queue local bandwidth 100Mb proirity 10
> queue http bandwidth 60Kb priority 5
> queue ssh bandwidth 25Kb priority 7 cbq(borrow)
> queue rsets bandwidth 7500b priority 0 cbq(red)
>
> pass in on $if inet proto tcp from any to any port 22 keep state queue ssh
> pass out on $if inet proto tcp from any to any port 443 keep state queue http
> pass in on $if inet proto tcp from any to any port 443 keep state queue http
> pass out on $if inet proto tcp from any to any keep state queue local
> pass in on $if inet proto tcp from any to any keep state queue local
> pass in on $if inet proto tcp from any to any keep state queue all
> pass in on $if inet proto tcp from any to any keep state queue all
>
> table <localnet> const { 192.168.1/24 }
> table <banned> persist file "/etc/banned"
>
> block drop in on $if from <banned> to $localaddr
> block drop out on $if from $localaddr to <banned>
>
> block drop out on $if from $localaddr to <localnet>
> pass out on $if from $localaddr to <localnet> user $allowedusers keep state
> pass in on $if from $localaddr to <localnet> keep state
>
> -------
>
> pfctl output...
> -bash-3.00# pfctl -f /etc/pf.conf
> /etc/pf.conf:12: syntax error
> /etc/pf.conf:14: syntax error
> /etc/pf.conf:15: queue local has no parent
> /etc/pf.conf:15: errors in queue definition
> /etc/pf.conf:16: queue http has no parent
> /etc/pf.conf:16: errors in queue definition
> /etc/pf.conf:17: queue ssh has no parent
> /etc/pf.conf:17: errors in queue definition
> /etc/pf.conf:18: queue rsets has no parent
> /etc/pf.conf:18: errors in queue definition
> /etc/pf.conf:25: syntax error
> /etc/pf.conf:26: syntax error
> pfctl: Syntax error in config file: pf rules not loaded
>
> -------
>
> --
> John Kintaro Tate
> Mobile: 0413 348 815 (Yep, old number, but I have a new phone)
>
> Free OpenBSD shell accounts for all with no gimmicks. Just send your
> desired username and password to me, and I will create it.
>
> Personal Website: http://kintaro.noobify.com
>
> Illhostit Webhosting:
> https://secure.illhostit.com/cgi-bin/affiliates/clickthru.cgi?id=Kintaro&campaign=Email
>
--
John Kintaro Tate
Mobile: 0413 348 815 (Yep, old number, but I have a new phone)
Free OpenBSD shell accounts for all with no gimmicks. Just send your
desired username and password to me, and I will create it.
Personal Website: http://kintaro.noobify.com
Illhostit Webhosting:
https://secure.illhostit.com/cgi-bin/affiliates/clickthru.cgi?id=Kintaro&campaign=Email
