Broken pfctl ..... ? I not understand my

2012-07-23 Thread hvom .org
HI

I have a problem with pfctl and the syntax.

The error line is: block in quick on msk0 proto tcp port ssh

pfctl -nf /etc/pf.conf is broken, no exit

My book's update is from 15/05/2012, the web site's update is from 19/05/2012.

One solution, please?

Cordially



Re: Broken pfctl ..... ? I not understand my

2012-07-23 Thread Alexander Hall

On 07/23/12 23:31, hvom .org wrote:

> HI
>
> I have a problem with pfctl and the syntax.
>
> The error line is: block in quick on msk0 proto tcp port ssh
>
> pfctl -nf /etc/pf.conf is broken, no exit
>
> My book's update is from 15/05/2012, the web site's update is from 19/05/2012.
>
> One solution, please?
>
> Cordially



Most likely you're not explicitly interested in the source port, so:

block in quick on msk0 proto tcp *to* port ssh

/Alexander



Re: Broken pfctl ..... ? I not understand my

2012-07-23 Thread Alexander Hall

On 07/23/12 23:31, hvom .org wrote:

> HI
>
> I have a problem with pfctl and the syntax.
>
> The error line is: block in quick on msk0 proto tcp port ssh
>
> pfctl -nf /etc/pf.conf is broken, no exit


pfctl seems to do its job, so it's not broken.
also, it does exit.

if not, provide proof.



> My book's update is from 15/05/2012, the web site's update is from 19/05/2012.


What book? What website?



> One solution, please?
>
> Cordially




Re: Broken pfctl ..... ? I not understand my

2012-07-23 Thread Peter N. M. Hansteen
"hvom .org"  writes:

> I have a problem with pfctl and the syntax.
>
> The error line is: block in quick on msk0 proto tcp port ssh
>
> pfctl -nf /etc/pf.conf is broken, no exit

Trying to reproduce here (changing only the interface name to one that
exists on the test system) it says 'syntax error' and gives the line
number before exiting.

I suspect 

block in quick on msk0 proto tcp to port ssh

is what you want, pfctl -vnf on that will give you the expanded version
after parsing:

$ sudo pfctl -vnf hvom
block drop in quick on iwn0 proto tcp from any to any port = 22

> My book's update is from 15/05/2012, the web site's update is from 19/05/2012.

It would be interesting to hear what book and web site you're referring
to here.

- P
-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.



Re: Broken pfctl ..... ? I not understand my

2012-07-26 Thread Bahador NazariFard
"block in quick on msk0 proto tcp *to* port ssh"
What's this?

Instead of the above wrong statement, you can use "block in quick on msk0
proto tcp from any to any port ssh"

On Tue, Jul 24, 2012 at 2:27 AM, Peter N. M. Hansteen wrote:

> "hvom .org"  writes:
>
> > I have a problem with pfctl and the syntax.
> >
> > The error line is: block in quick on msk0 proto tcp port ssh
> >
> > pfctl -nf /etc/pf.conf is broken, no exit
>
> Trying to reproduce here (changing only the interface name to one that
> exists on the test system) it says 'syntax error' and gives the line
> number before exiting.
>
> I suspect
>
> block in quick on msk0 proto tcp to port ssh
>
> is what you want, pfctl -vnf on that will give you the expanded version
> after parsing:
>
> $ sudo pfctl -vnf hvom
> block drop in quick on iwn0 proto tcp from any to any port = 22
>
> > My book's update is from 15/05/2012, the web site's update is from 19/05/2012.
>
> It would be interesting to hear what book and web site you're referring
> to here.
>
> - P
> --
> Peter N. M. Hansteen, member of the first RFC 1149 implementation team
> http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
> "Remember to set the evil bit on all malicious network traffic"
> delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.



Re: Broken pfctl ..... ? I not understand my

2012-07-26 Thread Patrick Lamaiziere
On Thu, 26 Jul 2012 12:44:40 +0430,
Bahador NazariFard wrote:

> "block in quick on msk0 proto tcp *to* port ssh"
> What's this?
>
> Instead of the above wrong statement, you can use "block in quick on msk0
> proto tcp from any to any port ssh"

This is the same thing. The from is optional, and the address is also
optional in the from/to.

So "block in quick on msk0 proto tcp to port ssh" is valid and is
expanded by pfctl to "block drop in quick proto tcp from any to any port
= 22"



Re: Broken pfctl ..... ? I not understand my

2012-07-26 Thread Peter N. M. Hansteen
Bahador NazariFard  writes:

> "block in quick on msk0 proto tcp *to* port ssh"
> What's this?
>
> Instead of the above wrong statement, you can use "block in quick on msk0
> proto tcp from any to any port ssh"

Please try a pfctl -vnf on a file containing only the first line.

[Thu Jul 26 13:28:46] peter@deeperthought:~$ cat hvom
block in quick on iwn0 proto tcp to port ssh
[Thu Jul 26 13:28:48] peter@deeperthought:~$ sudo pfctl -vnf hvom
block drop in quick on iwn0 proto tcp from any to any port = 22

In cases like these where there is no ambiguity, the parser fills in the
defaults.

- P
-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
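As an added illustration (not code from anyone in this thread), the rule Patrick and Peter describe above, that `from` is optional and the address inside `from`/`to` is optional too, modelled as a small parser over a subset of pf.conf's filter-rule grammar: it rejects the original `proto tcp port ssh` line as a syntax error and expands the `to port ssh` form the way `pfctl -vn` prints it. The grammar subset, the `SERVICES` table and the error wording are assumptions, not pf's own parser.

```python
SERVICES = {"ssh": 22, "http": 80}   # constructed subset of /etc/services
KEYWORDS = {"in", "out", "quick", "on", "proto", "from", "to", "port"}

def expand_rule(rule: str) -> str:
    """Expand one pf 'block' rule the way pfctl -vn prints it (optional parts
    filled in). Illustrative subset of the pf.conf grammar, not pf's parser."""
    tok, pos = rule.split(), 0
    def peek():
        return tok[pos] if pos < len(tok) else None
    def take():
        nonlocal pos
        if pos >= len(tok):
            raise SyntaxError("syntax error: unexpected end of rule")
        pos += 1
        return tok[pos - 1]
    if take() != "block":
        raise SyntaxError("only 'block' rules are modelled here")
    out = ["block drop"]                      # pfctl prints the default block action
    for kw, n in (("in", 1), ("out", 1), ("quick", 1), ("on", 2), ("proto", 2)):
        if peek() == kw:                      # optional keywords, some taking a value
            out.append(" ".join(take() for _ in range(n)))
    # "from" and "to" are both optional, and the address inside each is
    # optional too: whatever is left out is filled in as "any".
    hosts = {"from": "any", "to": "any"}
    ports = {"from": None, "to": None}
    for side in ("from", "to"):
        if peek() == side:
            take()
            if peek() is not None and peek() not in KEYWORDS:
                hosts[side] = take()
            if peek() == "port":
                take()
                p = take()
                ports[side] = int(p) if p.isdigit() else SERVICES.get(p)
                if ports[side] is None:
                    raise SyntaxError(f"unknown port '{p}'")
    if peek() is not None:                    # e.g. a bare "port ssh" with no from/to
        raise SyntaxError(f"syntax error near '{peek()}'")
    for side in ("from", "to"):
        out.append(f"{side} {hosts[side]}")
        if ports[side] is not None:
            out.append(f"port = {ports[side]}")
    return " ".join(out)

def check(rule: str) -> str:
    """What pfctl -nf would report for the rule: the expansion or the error."""
    try:
        return expand_rule(rule)
    except SyntaxError as e:
        return f"error: {e}"
```

Running `check()` on the three rules from the thread shows the two valid spellings expanding to the identical `from any to any port = 22` rule and the bare `port ssh` form failing at the `port` token.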