October 9th, 2002, 13:49
it depends on your ruleset, if you were running a default deny then you would certainly have some problems accessing your your page, sounds like yopu have a open ruleset though.

zat good or bad?

I be curious for you to take a look at my pf.conf and see what you think... :?

ExtIF = "ne3" # External Interface
IntNET = "rl0" # Internal Interface Address

noRouteIPs = "{,, }"
Services = "{ ssh }"

scrub in on $ExtIF all

block in quick on $ExtIF from $noRouteIPs to any
block out quick on $ExtIF from any to $noRouteIPs

pass in on $ExtIF inet proto tcp from any to any port $Services flags S/SA keep state

block out on $ExtIF all
pass out on $ExtIF inet proto tcp all flags S/SA keep state
pass out on $ExtIF inet proto udp all keep state
pass out on $ExtIF inet proto icmp all keep state


October 9th, 2002, 14:08
Here's a good couple of threads to get you started,