On Sun, Jan 25, 2009 at 03:45:25AM -0800, Ken Dickey wrote: > On 2009 January 24 03:09:57 pm Pereresus ne Vlezaet Buggy wrote: > > Add "set skip on lo". Searching for the right place of this string will > > be your homework. > > Thanks much. My working pf.conf now contains:
i'll take the opportunity to offer my opinion that one stands to save a LOT of time by *logging blocks* during debugging. eg: 'block in log all' or whatever the grammar needs to be. then just watch pflog0 on tcpdump with a bunch of -v action and you can see what the traffic is and create allows based on that. -- jared
