Gaby vanhegan wrote:
Yes, correct, my bad... Or perhaps this would work also:block out on $if_dmz keep state pass out on $if_dmz from {$if_lan, $if_inet} to 1.2.3.4 port smtp keep state Maybe that was what I intended to write... :)
Ok, I am now playing with 'fwbuilder' to see how the generated pf rules look like. Presumably, they won't be structured as efficiently as if one writes them by hand - but managing hundreds of rules manually is a nightmare ...
Thanks so far, -- Stephan A. Rickauer ---------------------------- Institut f|r Neuroinformatik Universitdt / ETH Z|rich Winterthurerstriasse 190 CH-8057 Z|rich Tel: +41 44 635 30 50 Sek: +41 44 635 30 52 Fax: +41 44 635 30 53 http://www.ini.ethz.ch ----------------------------
