PF on router v2.0
Jon Otterholm
jon.otterholm at ide.resurscentrum.se
Mon Dec 5 14:07:16 PST 2005
Hello again, an update...
I am setting up a router with a bunch of if's. I will not do any NAT or
fire walling.
I want to protect the router and it's if's with PF without blocking any
traffic not destined to the router.
Late tonight I came up with this pf.conf and I would like to have some
feedback on it
#pf.conf
table <ifips> { xxx.xxx.xxx.xxx }
table <noc> { xxx.xxx.xxx.xxx }
pass in quick proto tcp from <noc> to any port 22 keep state
block in quick from any to <ifips>
pass in all
pass out all
/J
More information about the freebsd-pf
mailing list