Solved pf.conf - syntax error

Hi!

I have had the same pf.conf for a long time, and today I found one from OpenBSD, but it doesn't work on my FreeBSD 11-RELEASE (amd64) desktop computer:
Code:
ext_if = "bge0"
broken="224.0.0.22 127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, \
        10.0.0.0/8, 169.254.0.0/16, 192.0.2.0/24, \
        192.0.2.0/24, 198.51.100.0/24, 203.0.113.0/24, \
        169.254.0.0/16, 0.0.0.0/8, 240.0.0.0/4, 255.255.255.255/32"
set block-policy drop
set skip on lo0
match in all scrub (no-df max-mss random-id 1440)
antispoof quick for ($ext_if)
antispoof for lo0
block return out quick inet6 all
block in quick inet6 all
block in quick from { $broken urpf-failed no-route } to any
block in all
pass out quick on $ext_if inet keep state

When I run:
Code:
service pf restart
Enabling pf/etc/pf.conf:5: syntax error
pfctl: Syntax error in config file: pf rules not loaded

What should I correct, please?
Thank you.
 
FreeBSD's PF doesn't understand match. I think this should be equivalent, but don't quote me on that:
Code:
scrub in all no-df max-mss 1440 random-id fragment reassemble

Thank you.
Do you think that is okay for a desktop computer, or is it too much? I had a much simpler one before.
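
The incompatibility discussed in this thread can be caught before restarting pf. The following is an added example, not part of the thread: a small lint that reports `match` rules with their line numbers, joining backslash-continued lines first. It goes beyond the thread by also flagging the OpenBSD inline translation keywords `nat-to`, `rdr-to` and `binat-to`; the function name `lint_pf_conf` and the sample input are assumptions made for the illustration.

```sh
#!/bin/sh
# Added example (not from the thread): flag OpenBSD-only pf.conf syntax
# before handing the file to pfctl on FreeBSD 11.
# lint_pf_conf [FILE] prints "LINE: reason: rule" and returns 1 on any finding.
lint_pf_conf() {
    awk '
    {
        line = $0
        sub(/#.*/, "", line)                # drop comments (assumes no "#" inside quotes)
        if (buf == "") start = NR           # physical line where this rule begins
        if (line ~ /\\[ \t]*$/) {           # trailing backslash: rule continues
            sub(/\\[ \t]*$/, " ", line)
            buf = buf line
            next
        }
        rule = buf line
        buf = ""
        sub(/^[ \t]+/, "", rule)
        if (rule ~ /^match([ \t]|$)/) {
            printf "%d: match rule: %s\n", start, rule
            bad = 1
        } else if (rule ~ /(^|[ \t])(nat-to|rdr-to|binat-to)([ \t]|$)/) {
            printf "%d: inline translation: %s\n", start, rule
            bad = 1
        }
    }
    END { exit bad + 0 }
    ' "$@"
}

# Constructed sample: a shortened form of the ruleset posted above.
lint_pf_conf <<'EOF' || echo "fix the lines above, then check with: pfctl -nf /etc/pf.conf"
ext_if = "bge0"
set block-policy drop
match in all scrub (no-df max-mss random-id 1440)
block in all
pass out quick on $ext_if inet keep state
EOF
```

`pfctl -nf /etc/pf.conf` parses the file without loading it, so the running ruleset stays in place while the syntax is checked.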
 