[FUG-BR] PF + Scrub .
Marcelo/Porks
marcelorossi em gmail.com
Segunda Fevereiro 1 15:17:43 BRST 2010
2010/1/29 Paulo Henrique <paulo.rddck at bsd.com.br>:
> Segue abaixo minhas regras.
>
> scrub in on $INT_IF all fragment reassemble
> scrub in on $INT_IF all no-df
> scrub on $INT_IF all reassemble tcp
>
> saida pfctl -nf $arquivo
>
> # pfctl -nf /root/firewall/pf.conf
> /root/firewall/pf.conf:88: syntax error
>
> Linha 88 = scrub in on $INT_IF all fragment reassemble
Diga o valor de $INT_IF
Fiz aqui e funcionou:
mt# grep scrub /etc/pf.conf
scrub in on $IF_Int_Prisma all fragment reassemble
scrub in on $All_IF_Int all fragment reassemble
mt# grep "All_IF_Int =" /etc/pf.conf
All_IF_Int = "{ " $IF_Int_Aplic $IF_Int_Prisma $IF_Int_ATAs $IF_Int_Servs " }"
mt# grep "IF_Int_Prisma =" /etc/pf.conf
IF_Int_Prisma = "vlan101"
IP_IF_Int_Prisma = "( " $IF_Int_Prisma " )"
mt# pfctl -nf /etc/pf.conf
#
--
Marcelo Rossi
"This e-mail is provided "AS IS" with no warranties, and confers no rights."
Mais detalhes sobre a lista de discussão freebsd