On 4/27/07, snowcrash <[EMAIL PROTECTED]> wrote:
i suppose alternative would be to,
--- set require-order yes
+++ set require-order no
and put some
block quick <ip-black>
BEFORE those rdr's ... to prevent those addresses in <ip-black> from
ever seeing the redirection in the first place
no rdr proto tcp from <ip-black> to any port smtp
... other rdr stuff ...
block from <ip-black>
"The no option prefixed to a translation rule causes packets to remain un-
translated, much in the same way as drop quick works in the packet filter"
--
Jon
_______________________________________________
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
