Is it possible to write a rule based on a arbitrary ip rule instead using a full subnet as source address like this?
hosts_allowed="{ 192.168.0.21-40 }" And even using a single host on this following rule, i get a syntax error. Can someone point what is wrong? host_allowed="192.168.0.21" im_server="192.168.1.2" block out on $inet_iface inet proto tcp from ! { $host_allowed, $im_server } to any port 1863 Leonardo Carneiro