dvl@
Developer
Can pf block between IP addresses that are on the same NIC?
Code:
# ifconfig | grep 10.5.0.16
inet 10.5.0.160 netmask 0xffffffff broadcast 10.5.0.160
inet 10.5.0.161 netmask 0xffffffff broadcast 10.5.0.161
The goal: stop SSH on 10.5.0.160 to 10.5.0.161
Code:
# pfctl -sr
No ALTQ support in kernel
ALTQ related functions disabled
scrub in all fragment reassemble
block drop quick inet from 10.5.0.160 to 10.5.0.161
pass in all flags S/SA keep state
pass out all flags S/SA keep state
I ask because:
Code:
$ ifconfig | grep inet
inet 10.5.0.160 netmask 0xffffffff broadcast 10.5.0.160
$ ssh 10.5.0.161
dan@10.5.0.161's password:
i.e. it does not seem to work as expected.