I'm working with pfctl on Mac OS X and I'm trying to make a policy/anchor that blocks SSH for ALL IPs, but not for a specific IP. I tried this:
# pf evaluates every rule and the LAST match wins unless a rule says "quick";
# the block rules below come last, and the pass rules cover only ports below
# and above 22, so port 22 itself is never passed for anyone.
pass in on en1 proto tcp from any to any port < 22 flags S/SA
pass out on en1 proto tcp from any to any port < 22 flags S/SA
pass in on en1 proto tcp from any to any port > 22 flags S/SA
pass out on en1 proto tcp from any to any port > 22 flags S/SA
block in on en1 proto tcp from any to any port 22
block out on en1 proto tcp from any to any port 22
But the result is that all connections on port 22 are blocked. Is there a way to allow SSH connections from a specific IP? Or a table to which I can send a list of IPs that will be allowed to connect to my system by SSH.
Best regards!
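An added example of the kind of anchor the question asks for; this is not part of the original post. It keeps the permitted sources in a pf table, blocks port 22 for everyone else, and lets a later pass rule win for table members, which is what the original rule set gets wrong: pf applies the last matching rule unless a rule carries "quick", the original block rules come last, and the "port < 22" / "port > 22" pass rules never match port 22 at all. The anchor name ssh_acl, the file path and the 192.0.2.x addresses are assumptions; en1 is taken from the question.

```pf
# /etc/pf.anchors/ssh_acl   (path and anchor name are assumptions)

# Hosts allowed to reach sshd. "persist" keeps the table alive even when it
# is empty, so it can be edited at runtime with "pfctl -t ssh_allow -T ...".
# Addresses are the documentation range, used here only as placeholders.
table <ssh_allow> persist { 192.0.2.10, 192.0.2.0/24 }

# Default: refuse new SSH connections arriving on en1 from anyone.
# Deliberately no "quick" here: pf uses the LAST matching rule, and the
# pass rule below must be able to override this block for table members.
block in on en1 proto tcp from any to any port 22

# Exception: sources listed in the table. "quick" stops evaluation at this
# rule, and "keep state" lets the reply packets leave without any explicit
# "pass out" rule, so the outbound direction needs no port-22 rule at all.
pass in quick on en1 proto tcp from <ssh_allow> to any port 22 flags S/SA keep state
```

To hook the anchor in, add `anchor "ssh_acl"` and `load anchor "ssh_acl" from "/etc/pf.anchors/ssh_acl"` to /etc/pf.conf (after Apple's own anchor lines), then reload with `sudo pfctl -f /etc/pf.conf` and enable pf with `sudo pfctl -e`. Hosts can be added or removed without reloading the rules: `sudo pfctl -a ssh_acl -t ssh_allow -T add 198.51.100.7` and `sudo pfctl -a ssh_acl -t ssh_allow -T show`; `sudo pfctl -a ssh_acl -sr` prints the loaded rules so the order can be checked. Load it from the console or from a host that is already in the table: the block rule applies to every new connection immediately, and only sessions that already have a state entry survive the change.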