I defined the table as stated in your book (3rd edition, page 42).
However, that gives an error message. In the lines with that table:
macro 'martians' not defined. Moreover, I now also have a Syntax error
in lines 38, 39 and 46, causing the pf lines not to be loaded.
Op 09-04-2024 om 08:53 schreef Peter N. M. Hansteen:
> On Tue, Apr 09, 2024 at 08:39:08AM +0200, Karel Lucas wrote:
>> Hi all,
>>
>> For the first time I tested my new firewall with ping, and it is blocked. I
>> don't know what the reason is, you can find the information below. I have a
>> network with only regular clients, so no servers. I'm still using OpenBSD
>> V7.4, and will upgrade once the firewall is up and running so I can test the
>> upgrade process.
> Upgrading to 7.5 will not affect this particular problem I think.
>
> Still low on caffeine I spot two likely factors - your $localnet range overlaps
> with one of the ranges in $martians (which I anyway would recommend converting
> into a table), and your block referencing $martians comes after the pass rules
> that would have let icmp through. With no previous matching quick, last match
> applies.
>
> - Peter
>
No comments:
Post a Comment