04.04.19 07:30, Victor Sudakov пише:
1.
pass in quick on $int_if inet proto tcp from $server to any flags S/SA keep
state allow-opts tag SERVER
2.
block return-rst out log quick on $mob_if inet proto tcp to any port 25 tagged
SERVER
You have already passed the packet with "quick" in the first rule, it
probably will never hit the second "block" rule?
No, each rule bound to different interface - i.e. different conditions.
--
Regards!
_______________________________________________
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
