On 08/26/16 14:55, Leo Silva wrote:
> I'd like some help with the following rules on pf.
> I'm trying to block all https requests outgoing from my network and unblock
> just some IPs.
> The blocked IPs are allowed to access specific sites that are placed in files
> with the domain names that I want to allow, the unblocked_ips and
> unblocked_sites files.

First, tcpdump is your friend. If something isn't working quite right,
you will need to dive in with tcpdump and some well-placed log
statements on the rules you are studying in order to figure out where
your logic was too weak to begin with.

I suspect your problem may be overuse of the quick keyword. Remember,
once you hit a quick rule that matches, processing for that packet stops
right there.

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
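
Added example, not part of the original message or of the poster's ruleset: a pf.conf fragment showing how rule order interacts with quick for an "HTTPS blocked except for listed hosts and sites" policy, with log on each rule so tcpdump can show which rule decided. The interface name, LAN range and file paths are assumptions; the table names follow the file names mentioned in the question.

```conf
# Constructed example: interface name, LAN range and file paths are assumptions.
int_if = "em1"
lan    = "192.168.1.0/24"

# Hostnames in a table file are resolved to addresses when the table is loaded.
table <unblocked_ips>   persist file "/etc/pf/unblocked_ips"
table <unblocked_sites> persist file "/etc/pf/unblocked_sites"

# Ordering that fails: the quick block matches every LAN host first, evaluation
# stops there, and the two pass rules below it are never reached.
#   block in quick on $int_if inet proto tcp from $lan to any port 443
#   pass  in quick on $int_if inet proto tcp from <unblocked_ips> to any port 443
#   pass  in quick on $int_if inet proto tcp from $lan to <unblocked_sites> port 443

# Without quick the last matching rule wins: general rule first, exceptions after.
# "log" on each rule makes the deciding rule visible on pflog0.
block in log on $int_if inet proto tcp from $lan to any port 443
pass  in log on $int_if inet proto tcp from <unblocked_ips> to any port 443
pass  in log on $int_if inet proto tcp from $lan to <unblocked_sites> port 443

# Watch which rule number and action each packet hit:
#   tcpdump -n -e -ttt -i pflog0 tcp port 443
```

If quick is kept, the order has to be reversed: the two pass rules first, the block rule last.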
