[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

PF on router

To: freebsd-pf_(_at_)_freebsd_(_dot_)_org
Subject: PF on router
From: Jon Otterholm <jon_(_dot_)_otterholm_(_at_)_ide_(_dot_)_resurscentrum_(_dot_)_se>
Date: Mon, 05 Dec 2005 23:02:25 +0100

Hello.

I am setting up a router with a bunch of if's. I will not do any NAT or fire walling.

I want to protect the router and it's if's with PF without blocking any traffic not destined to the router.

Late tonight I came up with this pf.conf and I would like to have some feedback on it

#pf.conf

table <ifips> { xxx.xxx.xxx.xxx }
table <noc> { xxx.xxx.xxx.xxx }

pass in quick proto tcp from <noc> to any port 22 keep state

block out quick from any to <ifips>

pass in all
pass out all


/J
_______________________________________________
freebsd-pf_(_at_)_freebsd_(_dot_)_org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscribe_(_at_)_freebsd_(_dot_)_org"

Prev by Date: Re: PF + ALTQ... help please!!
Next by Date: PF on router v2.0
Previous by thread: Re: Multicast over NAT
Next by thread: PF on router v2.0
Index(es):
- Date
- Thread

Visit your host, monkey.org