bubbleb74I finally came around to give <a href="https://snac.doosom.com?t=bastillebsd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BastilleBSD</a> a try on a <a href="https://snac.doosom.com?t=freebsd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FreeBSD</a> test system but I struggle with the rdr rules. I always get the following error when starting the vnet jail:<br><br>stdin:2: syntax error<br>pfctl: Syntax error in config file: pf rules not loaded<br><br>Here my pf.conf<br><br><pre>lo_if="lo1"<br>ext_if="vmx0"<br>jail_if="vmx0bridge"<br><br><a href="https://snac.doosom.com?t=set" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#set</a> block-policy return<br>scrub in on $ext_if all fragment reassemble<br>set skip on lo<br>set skip on $jail_if<br><br>table <jails> persist<br>nat on $ext_if from <jails> to any -> ($ext_if:0)<br><a href="https://snac.doosom.com?t=nat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#nat</a> on $ext_if from $jail_if:network to any -> ($ext_if)<br><a href="https://snac.doosom.com?t=nat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#nat</a> on $jail_if from $jail_if:network to any -> ($jail_if)<br><a href="https://snac.doosom.com?t=nat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#nat</a> on $lo_if from $jail_if:network to any -> ($lo_if)<br>rdr-anchor "rdr/*"<br><br><a href="https://snac.doosom.com?t=block" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#block</a> in all<br>pass out quick keep state<br><a href="https://snac.doosom.com?t=antispoof" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#antispoof</a> for $ext_if inet<br>pass in inet proto tcp from any to any port ssh flags S/SA keep state<br>pass in on $ext_if inet proto icmp to ($ext_if) icmp-type { unreach, redir, timex, echoreq }<br>pass in on $ext_if inet proto icmp to ($jail_if) icmp-type { unreach, redir, timex, echoreq }<br>pass in on $jail_if inet proto icmp to $jail_if:network icmp-type { unreach, redir, timex, echoreq }<br></pre><br>My BastilleBSD version is 0.13.20250126<br>
Recent searches
No recent searches
Search options
Only available when logged in.
shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.
Administered by:
Server stats:
297active users
shakedown.social: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.4
#antispoof
0 posts · 0 participants · 0 posts today
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload