Re: Setting a rule for NPF

To: netbsd-users%netbsd.org@localhost
Subject: Re: Setting a rule for NPF
From: George <g.lister%nodeunit.com@localhost>
Date: Wed, 31 Dec 2014 13:21:16 +0100


On 14-12-31 11:59 AM, Rocky Hotas wrote:

Sent: Tuesday, December 30, 2014 at 10:08 PM
From: "Christos Zoulas" <christos%astron.com@localhost>
To: netbsd-users%netbsd.org@localhost
Subject: Re: Setting a rule for NPF

[...]

procedure "log" {
     log: npflog0
}

group (default) {

pass proto icmp apply "log"

[...]

I think that should work.

I ran

npf_ext_log
npf_ext_normalise
ifconfig npflog0 create

But when I run

npfctl reload

it gives an error on the rule inside the group:

syntax error near 'apply'

The syntax seems correct, in all the example the name of the procedure is between double quotes.
Should I run anything else before? (Notice that I never used npf on this machine and the output of "npfctl show" is "Filtering: inactive" and "Configuration: empty")


Have you loaded the modules you need? What NetBSD version are you running???


Rocky

Follow-Ups:
- Re: Setting a rule for NPF
  - From: Rocky Hotas

References:
- Setting a rule for NPF
  - From: Rocky Hotas
- Re: Setting a rule for NPF
  - From: Rocky Hotas
- Re: Setting a rule for NPF
  - From: Christos Zoulas
- Re: Setting a rule for NPF
  - From: Rocky Hotas

Prev by Date: Re: Setting a rule for NPF
Next by Date: Re: Setting a rule for NPF
Previous by Thread: Re: Setting a rule for NPF
Next by Thread: Re: Setting a rule for NPF
Indexes:

Home | Main Index | Thread Index | Old Index