Re: npf

To: current-users%netbsd.org@localhost
Subject: Re: npf
From: christos%astron.com@localhost (Christos Zoulas)
Date: Mon, 9 Jan 2017 04:22:01 +0000 (UTC)

In article <Pine.NEB.4.64.1701091137250.18648%speedy.whooppee.com@localhost>,
Paul Goyette  <paul%whooppee.com@localhost> wrote:
>Following the example /usr/share/examples/blacklistd/npf.conf I created 
>the following:
>
> 	# Transparent firewall example for blacklistd
>
> 	$ext_if = { wm0, tun0 }
>
> 	set bpf.jit on;
> 	alg "icmp"
>
> 	group "external" on $ext_if {
> 	        ruleset "blacklistd"
> 	        pass final all
> 	}
>
> 	group default {
> 	        pass final all
> 	}
>
>After enabling npf, I see filter rules only on wm0, nothing for the 
>tunnel:
>
> 	{150} /etc/rc.d/npf restart
> 	Disabling NPF.
> 	Enabling NPF.
> 	{151}  npfctl show
> 	# filtering:    active
> 	# config:       loaded
>
> 	group "external" on wm0
> 	        ruleset "blacklistd" all
> 	        pass final all
>
> 	group
> 	        pass final all
>
> 	{152}
>
>
>Am I missing something?

Nope, looks like a bug.

christos

Follow-Ups:
- Re: npf
  - From: Paul Goyette

References:
- npf
  - From: Paul Goyette

Prev by Date: npf
Next by Date: Re: i915 hangs after 201612251500Z changes
Previous by Thread: npf
Next by Thread: Re: npf
Indexes:

Home | Main Index | Thread Index | Old Index