Thread: Block on PF

    #1
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Oct 2005
    Posts
    54
    Rep Power
    9

    Question Block on PF


    Hello all..

    I have a little question on Packet Filter ..

    How would you create a rule set for implicit block ?

    I did that way:
    on the top of the ruleset section in my pf.conf file, I have wrote:
    block log all
    I also tryed
    block in log all
    block out log all

    ( Tell me if I am Wrong .. )
    those two rules hase the same meaning if I understand it right. Also it does not matter if I put it on the top or at the end of the ruleset section..

    Also If I understand it right this rule should block every thing but not the rules that has been defined in the ruleset ?

    if I am right why when I set this rule every thing is completly block even the other rules that allow traffic ..??

    Thank you for your help on understanding this better ..
    Cheers
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2004
    Posts
    296
    Rep Power
    0
    You must put:

    block in log all
    block out log all

    To the bottom of the file.
    Also, why you use "log" ?
  4. #3
  5. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Oct 2005
    Posts
    54
    Rep Power
    9
    you mean at the Bottom bottm of the pf.conf file ?
  6. #4
  7. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2004
    Posts
    296
    Rep Power
    0
    Yes
  8. #5
  9. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Oct 2005
    Posts
    54
    Rep Power
    9
    Ok i did it but now nothing is blocked !
  10. #6
  11. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2004
    Posts
    296
    Rep Power
    0
    Maybe you have some lines in the file that open everything.
    Let's see your file.

IMN logo majestic logo threadwatch logo seochat tools logo