Re: Setting a rule for NPF

To: "Christos Zoulas" <christos%astron.com@localhost>
Subject: Re: Setting a rule for NPF
From: "Rocky Hotas" <rockyhotas%post.com@localhost>
Date: Wed, 31 Dec 2014 11:59:52 +0100

> Sent: Tuesday, December 30, 2014 at 10:08 PM
> From: "Christos Zoulas" <christos%astron.com@localhost>
> To: netbsd-users%netbsd.org@localhost
> Subject: Re: Setting a rule for NPF
>
[...]
> >procedure "log" {
> >     log: npflog0
> >}
> >
> >group (default) {
> >
> >pass proto icmp apply "log" 
[...]
> I think that should work.

I ran

npf_ext_log
npf_ext_normalise
ifconfig npflog0 create

But when I run

npfctl reload

it gives an error on the rule inside the group:

syntax error near 'apply'

The syntax seems correct, in all the example the name of the procedure is between double quotes.
Should I run anything else before? (Notice that I never used npf on this machine and the output of "npfctl show" is "Filtering: inactive" and "Configuration: empty")

Rocky

Follow-Ups:
- Re: Setting a rule for NPF
  - From: Christos Zoulas
- Re: Setting a rule for NPF
  - From: George
- Re: Setting a rule for NPF
  - From: Rocky Hotas

References:
- Setting a rule for NPF
  - From: Rocky Hotas
- Re: Setting a rule for NPF
  - From: Rocky Hotas
- Re: Setting a rule for NPF
  - From: Christos Zoulas

Prev by Date: Re: dhcpd syslog message no longer shows client Hostname?
Next by Date: Re: Setting a rule for NPF
Previous by Thread: Re: Setting a rule for NPF
Next by Thread: Re: Setting a rule for NPF
Indexes:

Home | Main Index | Thread Index | Old Index