On January 26, 2017 6:54:54 AM GMT+01:00, Alexander Hall <alexan...@beard.se> wrote: >On January 25, 2017 10:44:19 AM GMT+01:00, "Peter N. M. Hansteen" ><pe...@bsdly.net> wrote: >>On Wed, Jan 25, 2017 at 12:04:40AM +0000, Luke Small wrote: >>> if I have: >>> "pass out quick on lo0 from self port 6379 to \ any user luke >>> >>> block out quick on lo0 from self port 6379 to any >>> >>> pass quick on lo0 from any to any" >>> >>> a local connection to port 6379 will go to the last rule... isn't >>this a >>> useful feature to allow one of the first two rules to take effect? >> >>Does your application expicitly set source port to 6379? If not and >>definitely if you want destination port, you need to move the >>'port NNNN' bit to after the 'to' in your rules. > >Agreed. And don't forget to omit the 'set slip on lo' part.
skip* > >/Alexander > >> >>Also, as I keep repeating to anybody who cares to listen, just like >>"verbing weirds the language", "excessiv quicks weird your PF rule >>set".
