I want to only allow ping responses from specific IP ranges, here’s what I have so far, but it’s not working.
pass in log break end proto icmp from x.x.x.x/x to addr-ppp 1 inspect-state
block in log break end proto icmp to any
I want to only allow ping responses from specific IP ranges, here’s what I have so far, but it’s not working.
pass in log break end proto icmp from x.x.x.x/x to addr-ppp 1 inspect-state
block in log break end proto icmp to any
Hi if you are applying this to the wan interface you might want to add this
pass out break end from addr-ppp1 to any
the other thing is to use the analyser to see what is being dropped on the interface and what is coming in as other rules could be effecting the results
regards
James