> I think we would be looking more for > Advanced -> Misc -> Bypass firewall rules for traffic on the same interface.
I am far from a pf wizard, but the following is the rule created without that checkbox: pass in quick on fxp0 inet from any to 192.168.1.1 keep state label "anti-lockout web rule" Unless I'm way off-base, that says "allow anything from the LAN interface to the router's IP". It's not port-based. Furthermore, the comment before the implementation of option you espouse (in /etc/inc/filter.inc) reads thus: /* pass traffic between statically routed subnets and the subnet on the interface in question to avoid problems with complicated routing topologies */ I do not think that means what you think it means. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
