npf

To: current-users%netbsd.org@localhost
Subject: npf
From: Paul Goyette <paul%whooppee.com@localhost>
Date: Mon, 9 Jan 2017 11:40:46 +0800 (PHT)

Following the example /usr/share/examples/blacklistd/npf.conf I createdthe following:


	# Transparent firewall example for blacklistd

	$ext_if = { wm0, tun0 }

	set bpf.jit on;
	alg "icmp"

	group "external" on $ext_if {
	        ruleset "blacklistd"
	        pass final all
	}

	group default {
	        pass final all
	}

After enabling npf, I see filter rules only on wm0, nothing for thetunnel:


	{150} /etc/rc.d/npf restart
	Disabling NPF.
	Enabling NPF.
	{151}  npfctl show
	# filtering:    active
	# config:       loaded

	group "external" on wm0
	        ruleset "blacklistd" all
	        pass final all

	group
	        pass final all

	{152}


Am I missing something?





+------------------+--------------------------+------------------------+
| Paul Goyette     | PGP Key fingerprint:     | E-mail addresses:      |
| (Retired)        | FA29 0E3B 35AF E8AE 6651 | paul at whooppee.com   |
| Kernel Developer | 0786 F758 55DE 53BA 7731 | pgoyette at netbsd.org |
+------------------+--------------------------+------------------------+

Follow-Ups:
- Re: npf
  - From: Christos Zoulas

Prev by Date: Re: blacklistd question
Next by Date: Re: npf
Previous by Thread: blacklistd question
Next by Thread: Re: npf
Indexes:

Home | Main Index | Thread Index | Old Index