Hello, i've got a question about configuring PF. I have an interface (vtnet0) that has 2 ip addresses assigned to it. I want to block incoming ICMP traffic to the second ip address (while permitting it to the first one). How can i do that?
I currently have the following rule in pf.conf which works fine for allowing icmp traffic on the second ip address while blocking it on the first one:
But how to do it the other way round? I've tried to put in "(vtnet0:1)" , but that results in an error about the syntax being incorrect.
I currently have the following rule in pf.conf which works fine for allowing icmp traffic on the second ip address while blocking it on the first one:
Code:
block on vtnet0 proto icmp from any to (vtnet0:0)
But how to do it the other way round? I've tried to put in "(vtnet0:1)" , but that results in an error about the syntax being incorrect.