I've created a network group {blocklist} which includes the network 80.nnn.110.0/255.255.255.0
I've added the PF rules:
1 { BlockList } Any sparkle_ext_Interface__ Drop
2 { BlockList } Any Any Drop
But I'm still seeing this in my log:
May 30 00:44:46 (none) kernel: TCP Drop: IN=eth1 OUT= MAC=00:01:02:40:ff:3b:ff:02:ff:00:ff:a5:ff:00 SRC=80.nnn.110.228 DST=66.nnn.nnn.247 LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=20746 DF PROTO=TCP SPT=48024 DPT=8888 WINDOW=5808 RES=0x00 SYN URGP=0
Why am I getting these when I've chosen DROP and not LOG DROP?
Cheers,
-zeek
This thread was automatically locked due to age.
