默认pf.conf在pass前面增加了block
发表于 : 2013-04-24 10:00
http://www.openbsd.org/cgi-bin/cvsweb/s ... h;rev=1.52
Add a 'block' rule prior to the state creating 'pass' rule. This
way, TCP packets of e.g. timed out states are blocked rather than
passed by the implicit default pass rule.
个人体验
之前有个网络打印机在外网,OpenBSD做内网电脑网关,内网电脑首次打印经常不成功,具体表现是打印机lcd面板经常提示接收数据中,只有取消这个打印,重新打印才成功。
昨天在pf.conf中增加了block之后,内网电脑首次打印都成功,不知道是否跟这个rule有关。
Add a 'block' rule prior to the state creating 'pass' rule. This
way, TCP packets of e.g. timed out states are blocked rather than
passed by the implicit default pass rule.
个人体验
之前有个网络打印机在外网,OpenBSD做内网电脑网关,内网电脑首次打印经常不成功,具体表现是打印机lcd面板经常提示接收数据中,只有取消这个打印,重新打印才成功。
昨天在pf.conf中增加了block之后,内网电脑首次打印都成功,不知道是否跟这个rule有关。