Bahador NazariFard <bahador.nazarif...@gmail.com> writes: > "block in quick on msk0 proto tcp *to* port ssh" > whats this? > > "instead of above wrong statement, you can use "block in quick on msk0 > proto tcp from any to any port ssh"
Please try a pfctl -vnf on a file containing only the first line. [Thu Jul 26 13:28:46] peter@deeperthought:~$ cat hvom block in quick on iwn0 proto tcp to port ssh [Thu Jul 26 13:28:48] peter@deeperthought:~$ sudo pfctl -vnf hvom block drop in quick on iwn0 proto tcp from any to any port = 22 in cases like these where there is no ambiguity, the parser fills in the defaults. - P -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
