pf not execute udp port specific block rule

Question

The traffic I want to block can be sniffed as below with tcpdump:

19:16:22.391164 IP 95.95.95.95.2036 > 10.10.10.10.443: UDP, length 8192

So I wanted to write a rule block any udp destination port 443 traffic.

block drop quick on igb3 inet proto udp to any port 443

Traffic does not match and does not blocked.

However, It matches and blocks if I write rule as below:

block drop quick on igb3 inet proto udp to 10.10.10.10

Do you have any remarks?

I am using pf in Freebsd.

score 0 · Answer 1 · answered Nov 10 '13 at 15:35

0

Try: block drop quick on igb3 inet proto udp from any to any port 443

answered Nov 10 '13 at 15:35

Quetza

1 Answers1