> Hello, > > Openbsd 7.6 upon restart, pf rules fail to load with error (no IP address > found for em0 /etc/pf.conf:26: could not parse host specification). > However, performing "pfctl -nf /etc/pf.conf && pfctl -vf /etc/pf.conf" > manually after logging in gets the rules loaded successfully. Also > commenting out lines 25 and 26 gets the file loaded successfully on > restart > confirming the error > > What are the potential scenario causing the line 26 (from 41.90.23.240 to > $ext_if port ssh modulate state) to present itself as syntax error during > restart? > > Kind regards > Kihaguru. > > File: Pf.conf > > > # External interface > ext_if = "em0"
Maybe: # External interface $ext_if = "em0" > > # Skip filtering on loopback interface > set skip on lo > > # Scrub incoming packets for normalization > match in all scrub (no-df) > > # Block all incoming connections by default > block all > > # Activate spoofing protection for all interfaces > block in quick from urpf-failed > > # Redirect HTTP traffic (servers only) > pass in on $ext_if inet proto tcp \ > to port 80 divert-to 127.0.0.1 port 8080 > > # Redirect HTTPS traffic (servers only) > pass in on $ext_if inet proto tcp \ > to port 443 divert-to 127.0.0.1 port 8443 > > # Allow SSH traffic from the development desktop > pass in on $ext_if proto tcp \ > from 41.90.23.240 to $ext_if port ssh modulate state >
