netbsd-users: Re: IPF Rules

Subject: Re: IPF Rules
To: Todd Gruhns Acct <tgruhn2@mail.com>
From: David S. <davids@idiom.com>
List: netbsd-users
Date: 01/04/2002 23:50:27

On Fri, Jan 04, 2002 at 08:47:03PM -0800, David S. wrote:
> 
> For what you seem to be after, I'd use the rules
> 	
> 	pass in quick on ppp0 icmp from any to any icmp-type 3
> 			# destination unreachable
> 
>       block return-rst in quick on ppp0 proto tcp from any to any
> 	block return-icmp(host-unr) in quick on ppp0 proto udp from any to any

Oops, make that

	block return-icmp-as-dest(host-unr) in quick on ppp0 proto udp from any to any

David S.