NetBSD-Users archive


Re: NPF syntax




On Mon Mar 16 15:08:38 2015 GMT+0100, Andy Ruhl wrote:
> On Mon, Mar 16, 2015 at 6:52 AM, D'Arcy J.M. Cain <darcy%netbsd.org@localhost> wrote:
> 
> > I have decided to give up on pf after banging my head against the wall
> > (and the OBSD mailing list) and try npf but I can't figure out the
> > syntax.  I followed the example at http://www.netbsd.org/~rmind/npf/
> > but I keep getting errors when I validate.  I reduced npf.conf to the
> > following two lines:
> >
> > table <friends> type tree file "/VEX/general/pf/friends.list"
> > table <enemies> type tree file "/VEX/general/pf/enemies.list"
> >
> > This gives me this error:
> >
> > # npfctl validate
> > npfctl: table '0' is already defined
> >
> > If I remove one line I get this:
> >
> > # npfctl validate
> > table <0> type tree
> >
> > If I put the full file and comment out the table lines I get this:
> >
> > # npfctl validate
> > /etc/npf.conf:11:3: syntax error near 'alg'
> >
> > I am using the example config almost verbatim except for the table
> > names and file paths.
> >
> > What am I missing here?
> >
> 
> No help unfortunately, I'm just here to say I'm having similar issues. I've
> seen the npfctl error as well.
> 
> I had some other problems so I decided to see if I could start by blocking
> all traffic. I'm trying to get a very simple rule to work:
> 
> block in final from 0.0.0.0/0
> 
> And it doesn't. Obviously I'm missing something very fundamental and I
> haven't found it in the documentation yet. Maybe I have to use a table?
> 
> Frustrating.
> 
> Andy
>
