Hello,
Openbsd 7.6 upon restart, pf rules fail to load with error (no IP address
found for em0 /etc/pf.conf:26: could not parse host specification).
However, performing "pfctl -nf /etc/pf.conf && pfctl -vf /etc/pf.conf"
manually after logging in gets the rules loaded successfully. Also
commenting out lines 25 and 26 gets the file loaded successfully on restart
confirming the error
What are the potential scenario causing the line 26 (from 41.90.23.240 to
$ext_if port ssh modulate state) to present itself as syntax error during
restart?
Kind regards
Kihaguru.
File: Pf.conf
# External interface
ext_if = "em0"
# Skip filtering on loopback interface
set skip on lo
# Scrub incoming packets for normalization
match in all scrub (no-df)
# Block all incoming connections by default
block all
# Activate spoofing protection for all interfaces
block in quick from urpf-failed
# Redirect HTTP traffic (servers only)
pass in on $ext_if inet proto tcp \
to port 80 divert-to 127.0.0.1 port 8080
# Redirect HTTPS traffic (servers only)
pass in on $ext_if inet proto tcp \
to port 443 divert-to 127.0.0.1 port 8443
# Allow SSH traffic from the development desktop
pass in on $ext_if proto tcp \
from 41.90.23.240 to $ext_if port ssh modulate state
