I defined the table as stated in your book (3rd edition, page 42).
However, that gives an error message. In the lines with that table:
macro 'martians' not defined. Moreover, I now also have a Syntax error
in lines 38, 39 and 46, causing the pf lines not to be loaded.
Op 09-04-2024 om 08:53 schreef Peter N. M. Hansteen:
On Tue, Apr 09, 2024 at 08:39:08AM +0200, Karel Lucas wrote:
Hi all,
For the first time I tested my new firewall with ping, and it is blocked. I
don't know what the reason is, you can find the information below. I have a
network with only regular clients, so no servers. I'm still using OpenBSD
V7.4, and will upgrade once the firewall is up and running so I can test the
upgrade process.
Upgrading to 7.5 will not affect this particular problem I think.
Still low on caffeine I spot two likely factors - your $localnet range overlaps
with one of the ranges in $martians (which I anyway would recommend converting
into a table), and your block referencing $martians comes after the pass rules
that would have let icmp through. With no previous matching quick, last match
applies.
- Peter
