On Fri, Oct 20, 2017 at 12:59:51PM +0200, Markus Rosjat wrote:
> ...
> what I notice is I can initiate a ssh connection from this machine.
> So there are three possible answers to this:
> - 1st with allowing ssh traffic in the first place ssh port will be
> considered passable from both sides of the nic. Which would somehow
> make no sense to me at all because it's an explicit in rule
> - 2nd the ssh connection initiated is somehow considered coming from lo
> and for that not passed to the following rules
> - 3rd my rules are just wrong :)

Another 4: You forgot to load your ruleset: pfctl -f pf.conf