Pf - syntax error

Magnesik


I'm a new user of FreeBSD 8.0-RELEASE-i386. I've tried to use the PF firewall but unfortunately it doesn't work.

I've added these 2 lines to /etc/rc.conf:

Code:
pf_enable="YES"
pflog_enable=YES"


and pf.conf to /etc/ because it didn't exist.

In pf.conf I wrote:

Code:
block in all
pass out all


After /etc/rc.d/pf start I get:



Code:
freebsd# pfctl -e
No ALTQ support in kernel
ALTQ related funcions disabled
pfctl: pf already enabled


What is wrong?
 

DutchDaemon


Code:
pflog_enable=YES"

must be
Code:
pflog_enable="YES"
 

Magnesik


Of course, in rc.conf it is pflog_enable="YES". I made a mistake while copying it out. Besides, during booting I get a message like "pflog promiscuous mode enabled".
 

Magnesik


I get the same error as after /etc/rc.d/pf start

Code:
No ALTQ support in kernel
ALTQ related functions disabled
/etc/pf.conf:2: syntax error
pfctl: Syntax error in config file: pf rules not loaded


When I put only "block in all" in /etc/rc.conf, it works.
It looks like pf doesn't know what "pass" is. When I put only "pass out all" there, I get the same error again, but with information that the first line is wrong.
 

Magnesik


The problem is solved. I edited the PF configuration files with mcedit and I didn't end the last line with Enter. And I got a syntax error on the line where I didn't do it.
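
The cause found in the last post, as an added example that is not part of the thread: a POSIX shell check that reports the unterminated last line of a ruleset file and appends the missing newline. The function names and the temporary sample file are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the thread): check a pf ruleset file for a
# missing newline at the end of its last line. Function names are hypothetical.

# Return 0 if the file is empty or its last byte is a newline, 1 otherwise.
ends_with_newline() {
    [ ! -s "$1" ] && return 0
    # Command substitution strips a trailing newline, so the result is
    # empty exactly when the last byte is "\n".
    [ -z "$(tail -c 1 "$1")" ]
}

# Print the number of the unterminated last line; return 1 if there is none.
# wc -l counts newline characters, so the unterminated line is count + 1,
# the same line number the parser named in the thread (pf.conf:2).
unterminated_line() {
    ends_with_newline "$1" && return 1
    echo $(( $(wc -l < "$1") + 1 ))
}

# Append the missing newline; leave an already terminated file untouched.
fix_trailing_newline() {
    ends_with_newline "$1" || printf '\n' >> "$1"
}

# Report the problem in "file:line: message" form and return 1, or return 0.
check_ruleset() {
    if n=$(unterminated_line "$1"); then
        echo "$1:$n: last line is not newline-terminated" >&2
        return 1
    fi
    return 0
}

# Constructed sample: the two rules from the thread, last line unterminated.
tmp=$(mktemp -d)
printf 'block in all\npass out all' > "$tmp/pf.conf"
check_ruleset "$tmp/pf.conf" || fix_trailing_newline "$tmp/pf.conf"
check_ruleset "$tmp/pf.conf" && echo "ruleset file is newline-terminated"
rm -rf "$tmp"
```

On the FreeBSD host, `pfctl -nf /etc/pf.conf` parses the ruleset without loading it, so the file can be checked this way before `/etc/rc.d/pf start`.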
 