On 5/6/06, Aguiar Magalhaes <[EMAIL PROTECTED]> wrote:
> I'd like to make the same with the pass rules and then
> to know the matched pass rule:
>
> block log all
> pass in on $int_if inet proto tcp from $internal_net to any port 80 keep state
> pass in on $int_if proto udp from $internal_net to any port 53 keep state
> ... etc
>
> Do I have to add the word "log" for each pass rule?
> Is there another way?

pfctl -s rules -v -v (check "Evaluations" and "Packets" fields)

> How can I do it?

p="pass log"
$p in on $int_if inet proto tcp from $internal_net...

See?  I've saved you two whole bytes per rule!
--
"Curiosity killed the cat, but for a while I was a suspect" -- Steven Wright
Security Guru for Hire http://www.lightconsulting.com/~travis/ -><-
GPG fingerprint: 9D3F 395A DAC5 5CCC 9066  151D 0A6B 4098 0C55 1484
_______________________________________________
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
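
Added example, not part of the original thread: a Python script for the `pfctl -s rules -v -v` approach suggested in the reply, reading the per-rule "Evaluations" and "Packets" counters to list which pass rules have matched traffic without adding "log" to each one. The sample output, interface name and addresses are constructed, and the output layout (an `@N rule` line followed by bracketed counter lines) is an assumption about the local pfctl version.

```python
import re
import sys

# Constructed sample of `pfctl -s rules -v -v` output (not taken from the thread).
SAMPLE = """\
@0 block drop log all
  [ Evaluations: 5120      Packets: 37        Bytes: 2220        States: 0     ]
@1 pass in on fxp1 inet proto tcp from 192.168.1.0/24 to any port = http keep state
  [ Evaluations: 5120      Packets: 48211     Bytes: 31870412    States: 14    ]
@2 pass in on fxp1 proto udp from 192.168.1.0/24 to any port = domain keep state
  [ Evaluations: 903       Packets: 1766      Bytes: 154200      States: 3     ]
@3 pass in on fxp1 inet proto tcp from 192.168.1.0/24 to any port = smtp keep state
  [ Evaluations: 611       Packets: 0         Bytes: 0           States: 0     ]
"""

RULE = re.compile(r"^@(\d+)\s+(.*)$")            # "@<rule number> <rule text>"
COUNTER = re.compile(r"(Evaluations|Packets|Bytes|States):\s*(\d+)")

def parse_rules(text):
    """Return one dict per rule: number, rule text and its counters."""
    rules = []
    for line in text.splitlines():
        m = RULE.match(line)
        if m:
            rules.append({"nr": int(m.group(1)), "rule": m.group(2).strip()})
        elif rules and line.lstrip().startswith("["):
            # Counter lines belong to the most recent "@N" rule line.
            for key, val in COUNTER.findall(line):
                rules[-1][key.lower()] = int(val)
    return rules

def matched(rules, action="pass"):
    """Rules with the given action that have counted at least one packet."""
    return [r for r in rules
            if r["rule"].split()[0] == action and r.get("packets", 0) > 0]

def unused(rules, action="pass"):
    """Rules with the given action that have never matched a packet."""
    return [r for r in rules
            if r["rule"].split()[0] == action and r.get("packets", 0) == 0]

if __name__ == "__main__":
    # Pass a file holding saved pfctl output, or run with no argument for the sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    rules = parse_rules(text)
    for r in matched(rules):
        print(f"matched @{r['nr']:<3} packets={r['packets']:<8} {r['rule']}")
    for r in unused(rules):
        print(f"unused  @{r['nr']:<3} evaluations={r['evaluations']:<5} {r['rule']}")
```

Counters are cumulative since the ruleset was loaded, so comparing two snapshots taken some time apart shows which rules are matching now.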