OpenBSD 4.9 GENERIC.MP#819 amd64
I'm not quite sure when things changed, but I can no longer apply rules
to locally originating traffic:
    match in log on lo
now only logs local->local traffic and
    match out log received-on lo
logs nothing. The best I can do, it seems, is to
    match in tag "EXTERNAL"
    match out log tagged ""
More worrying for me, however, is the inability to control traffic being
received by the host. I want to be able to
    pass on $dmz to port {http, https, ssh}
    block out on lo
    pass out on lo from <trusted> to port ssh
I feel I must be missing something, I'm just not sure what.