Subject: ipfilter question
To: None <netbsd-users@netbsd.org>
From: Pavel Trubl <trubl@katel.cz>
List: netbsd-users
Date: 05/11/2003 19:02:25
Hello,
I play with ipf and I don't know anything. This is my /etc/ipf.conf:
## block all ##
block in log all
block out log all
## ICMP ##
pass out proto icmp from any to any icmp-type 8 code 0 keep state
pass in proto icmp from any to any icmp-type 8 code 0 keep state
## UDP ##
pass out proto udp from any to any keep state
# pass in proto udp from any to any keep state
## TCP ##
pass out proto tcp from any to any keep state
# pass in proto tcp from any to any keep state
When I start ipfilter, it write to log:
IP Filter: v3.4.27 initialized. Default = pass all, Logging = enabled
1. Why default = pass all? My first rules are 'block'.
2. All traffic are available with these rules. But I have not defined
'pass in' for tcp/udp'.
How rule allow incoming pakets to my pc?