from misc: Rafal Bisingier(ra...@man.poznan.pl) on 2012.01.05 09:21:16 +0100: > Just replace "to any" to "to self". Should do what you want. > > > I have read PF manual but not found any possibility to tell pf "to > > LOCAL-HOST". I have search with google but no relevant articles found, > > maybe I > > have not asked correct. > > Well, it's not very easy to find, but the "self" word is explained in > the manual.
"self" is only in the GRAMMAR section, maybe say something more about it? /Benno Index: share/man/man5/pf.conf.5 =================================================================== RCS file: /opt/OpenBSD-CVS/src/share/man/man5/pf.conf.5,v retrieving revision 1.509 diff -u -p -u -r1.509 pf.conf.5 --- share/man/man5/pf.conf.5 27 Nov 2011 19:55:18 -0000 1.509 +++ share/man/man5/pf.conf.5 7 Jan 2012 17:16:47 -0000 @@ -317,6 +317,8 @@ Any address matching the given table. Any source address that fails a unicast reverse path forwarding (URPF) check, i.e. packets coming in on an interface other than that which holds the route back to the packet's source address. +.It Ar self +Expands to all addresses assigned to all interfaces. .El .Pp Ranges of addresses are specified using the @@ -327,7 +329,9 @@ For instance: means all addresses from 10.1.1.10 to 10.1.1.12, hence addresses 10.1.1.10, 10.1.1.11, and 10.1.1.12. .Pp -Interface names and interface group names can have modifiers appended: +Interface names, interface group names and +.Ar self +can have modifiers appended: .Pp .Bl -tag -width xxxxxxxxxxxx -compact .It Ar :0