On Mar 16, 2020 11:07 AM, Carlos Lopez <[email protected]> wrote:
Hi all,
I am trying to accomplish several different tests using anchor rules
on an OpenBSD 6.6 host. But I am seeing strange behavior
depending on how I configure them. For example:
This rule works:
anchor inet from $laptop_admin label "Allow access from $srcaddr via SSH" {
    anchor proto tcp to port ssh {
        pass in to (self)
        pass in to { $dmz_network $vpn_network } tag intlans-to-intlans
    }
}
But this one never matches:
anchor inet from $laptop_admin label "Allow access from $srcaddr via http/https services" {
    anchor proto tcp to port { http https } {
        pass in $hots2 tag intlans-to-intlans
    }
}

Is hots2 a typo in the mail or the conf also? Or maybe it's not a typo.
Edgar

I have tried inserting the “quick” keyword in the second rule, but
nothing … Maybe I am making some mistake? The rule that works goes
before the one that fails … Changing the order doesn’t
matter …
Any tip?
--
Regards,
C. L. Martinez