Hi Stuart,
Thank you so much for pointing it to me. I have to re-read manual pages
before asking questions here :)
On 2019-12-07 16:32, Stuart Henderson wrote:
> On 2019-12-07, Atanas Vladimirov <vlado@bsdbg.net> wrote:
>> Bridge0 is my primary lan network where the VMs are connected and the
>> only interface that is configured with dhclient is em0 which is not
>> part
>> of any bridge.
>
> The dhclient caveat doesn't apply to you then.
>
Yes, I was almost sure that the dhclient should not affect my setup.
> If you change to a standard "pass" rule that will evaluate the
> interface
> group at runtime rather than load time, which is what you want here.
> Things can get complicated with PF and bridges, but I think something
> like
> "pass quick on tap flags any no state" near the start of your rules
> will
> probably do what you want.
Thanks, now it works as I wanted.
Best regards,
Atanas
No comments:
Post a Comment