> 7.5 amd64
> i'm not very smart and i can't understand what great idea was behind, but today i discovered something unexpected for me.
> simple config:
> set skip on { lo }
> @0 block drop log (all) all
> @1 pass log (all) quick from (self:*) to any flags S/SA
> @2 pass log (all) quick inet6 proto ipv6-icmp all
bla-bla
even this doesn't work. works only if remove the "block"
@0 block drop log (all) all
@1 pass all flags S/SA
wtf?! :D
No comments:
Post a Comment