This gives the following error messages when booting:
no IP address found for igc1:network
/etc/pf.conf:41: could not parse host specification
no IP address found for igc2:network
/etc/pf.conf:42: could not parse host specification
Op 14-04-2024 om 19:59 schreef Peter N. M. Hansteen:
On Sun, Apr 14, 2024 at 05:09:01PM +0200, Karel Lucas wrote:
Hi all,
Everything about PF is all very confusing to me at the moment, so any help
is appreciated. So let's start simple and then proceed step by step. I want
to continue with ping so that I can test the connection to the internet.
This works: ping -c 10 195.121.1.34. But this doesn't work: ping -c 10
www.apple.com. As others have stated, I have a problem with using DNS
servers on the internet. The PF ruleset needs to be adjusted for this, but
it is still not clear to me how to do that. What else do I need to get ping
to work correctly? To get started simply, I created a new pf.conf file, see
below.
I'd put this somewhere after your block rules:
pass inet proto { tcp, udp } from igc1:network to port $client_out
pass inet proto { tcp, udp } from igc2:network to port $client_out
- that way you will actually use the macro. But the macro sitll references
the invalid service nportntp (you probably want ntp instead), and I would
think that the services "446, cvspserver, 2628, 5999, 8000, 8080" are unlikely
to be useful unless you *know* you need to pass traffic for those.
