Solved Unable To Block UDP

I've tried this several ways, but I can't seem to block udp traffic. Really I just need to do this on one port. Got frustrated and tried blocking all udp traffic multiple ways and it still doesn't work. This is my /etc/pf.conf now:

Code:
ext_if = "em0"

# Block all incoming and outgoing traffic by default
block in all
block out all

# Block all UDP traffic by default
block in proto udp all
block out proto udp all

# Whitelist specific TCP ports
pass in on $ext_if proto tcp from any to any port { 22, 53, 80, 8080, 8081, 9050 } keep state
pass out on $ext_if proto tcp from any to any port { 22, 53, 80, 8080, 8081, 9050 } keep state

# Table definitions for jails
table <jails> persist

If it was blocking udp right, I shouldn't be able to do this after doing a pfctl -nf /etc/pf.conf:

Code:
# dig -p 53 google.com +notcp

; <<>> DiG 9.20.4 <<>> -p 53 google.com +notcp
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34341
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;google.com.            IN    A

;; ANSWER SECTION:
google.com.        1534    IN    A    142.250.74.142

;; Query time: 11 msec
;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP)
;; WHEN: Sun Jan 19 00:02:24 UTC 2025
;; MSG SIZE  rcvd: 55

Anyone see what I might be missing?
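Two things worth checking before touching the rules themselves, added here as a commentary on the thread rather than as anything the poster wrote. First, pfctl -n parses the file and reports syntax errors but does not load it; the rules only become active with pfctl -f /etc/pf.conf, and pfctl -sr prints the rule set the kernel is actually using. Second, pf evaluates rules top to bottom and the last matching rule wins unless a matching rule is marked quick, so a pass rule for proto tcp placed after the block rules never overrides them for UDP. The script below is a constructed, deliberately small model of that evaluation for the subset of pf.conf grammar used in the post (macros, on, proto, from/to, port lists, quick; tables and options are skipped). It is not pfctl and does not claim to cover the real grammar; it walks a few sample packets through the rule set from the post, and every UDP probe comes out blocked, which is what one would expect to see once the file is loaded.

```python
"""Toy evaluator for a small subset of pf.conf (constructed example, not pfctl)."""
import re
from dataclasses import dataclass
from typing import Optional


@dataclass
class Rule:
    action: str                          # "pass" or "block"
    direction: str                       # "in" or "out"
    iface: Optional[str] = None          # None: no "on", matches every interface
    proto: Optional[str] = None          # None: matches any protocol
    sports: Optional[frozenset] = None   # source port list, None: any
    dports: Optional[frozenset] = None   # destination port list, None: any
    quick: bool = False


@dataclass
class Packet:
    direction: str
    iface: str
    proto: str
    dport: int
    sport: int = 40000                   # ephemeral client port, arbitrary


MACRO = re.compile(r'^(\w+)\s*=\s*"([^"]*)"$')


def parse_pf(conf: str) -> list:
    """Parse the keywords used in the post; tables and options are skipped."""
    macros, rules = {}, []
    for raw in conf.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        m = MACRO.match(line)
        if m:
            macros[m.group(1)] = m.group(2)
            continue
        # expand $macro references and squeeze "{ 22, 53 }" into one token
        line = re.sub(r"\$(\w+)", lambda mm: macros[mm.group(1)], line)
        line = re.sub(r"\{([^}]*)\}", lambda mm: "{" + mm.group(1).replace(" ", "") + "}", line)
        toks = line.split()
        if toks[0] not in ("pass", "block"):
            continue
        rule, side, i = Rule(action=toks[0], direction=toks[1]), "dst", 2
        while i < len(toks):
            t = toks[i]
            if t == "quick":
                rule.quick = True
            elif t in ("from", "to"):
                side = "src" if t == "from" else "dst"
            elif t == "on":
                rule.iface, i = toks[i + 1], i + 1
            elif t == "proto":
                rule.proto, i = toks[i + 1], i + 1
            elif t == "port":
                ports = frozenset(int(p) for p in toks[i + 1].strip("{}").split(","))
                i += 1
                if side == "src":
                    rule.sports = ports
                else:
                    rule.dports = ports
            # "all", "any", "keep", "state" add no constraint in this subset
            i += 1
        rules.append(rule)
    return rules


def matches(rule: Rule, pkt: Packet) -> bool:
    return (rule.direction == pkt.direction
            and rule.iface in (None, pkt.iface)
            and rule.proto in (None, pkt.proto)
            and (rule.sports is None or pkt.sport in rule.sports)
            and (rule.dports is None or pkt.dport in rule.dports))


def evaluate(rules: list, pkt: Packet) -> str:
    """pf semantics: the last matching rule decides, unless a match is 'quick'."""
    decision = "pass"  # pf passes traffic that matches no rule at all
    for r in rules:
        if matches(r, pkt):
            decision = r.action
            if r.quick:
                break
    return decision


# The rule set from the post, reproduced as input for the model.
PF_CONF = """
ext_if = "em0"
block in all
block out all
block in proto udp all
block out proto udp all
pass in on $ext_if proto tcp from any to any port { 22, 53, 80, 8080, 8081, 9050 } keep state
pass out on $ext_if proto tcp from any to any port { 22, 53, 80, 8080, 8081, 9050 } keep state
table <jails> persist
"""

# Constructed variant showing how "quick" short-circuits last-match-wins.
QUICK_CONF = """
block out all
pass out quick proto udp from any to any port 53
block out proto udp all
"""

if __name__ == "__main__":
    rules = parse_pf(PF_CONF)
    probes = [
        ("UDP 53 out on em0 (resolver upstream)", Packet("out", "em0", "udp", 53)),
        ("UDP 53 in on lo0 (dig to 127.0.0.1)", Packet("in", "lo0", "udp", 53)),
        ("TCP 53 out on em0", Packet("out", "em0", "tcp", 53)),
        ("TCP 443 out on em0", Packet("out", "em0", "tcp", 443)),
    ]
    for label, p in probes:
        print(f"{label:42s} -> {evaluate(rules, p)}")
    print("with quick:", evaluate(parse_pf(QUICK_CONF), Packet("out", "em0", "udp", 53)))
```

Run as-is it prints block for every UDP probe and for TCP 443, pass for TCP 53, and pass for the quick variant. If the real host answers a UDP query while this file is what you believe is loaded, compare the output of pfctl -sr with the file; a mismatch means the active rule set is not this one.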
 