|
@ -1,10 +1,14 @@ |
|
|
# $OpenBSD: pf.conf,v 1.4 2002/06/17 08:07:58 henning Exp $ |
|
|
|
|
|
|
|
|
# $OpenBSD: pf.conf,v 1.5 2002/06/22 10:19:13 henning Exp $ |
|
|
# |
|
|
# |
|
|
# See pf.conf(5) for syntax and examples |
|
|
# See pf.conf(5) for syntax and examples |
|
|
# |
|
|
# |
|
|
# replace ext0 with external interface name, 10.0.0.0/8 with internal network |
|
|
# replace ext0 with external interface name, 10.0.0.0/8 with internal network |
|
|
# and 192.168.1.1 with external address |
|
|
# and 192.168.1.1 with external address |
|
|
# |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Normalize: reassemble fragments and resolve or reduce traffic ambiguities |
|
|
|
|
|
|
|
|
|
|
|
# scrub in all |
|
|
|
|
|
|
|
|
# nat: packets going out through ext0 with source address 10.0.0.0/8 will get |
|
|
# nat: packets going out through ext0 with source address 10.0.0.0/8 will get |
|
|
# translated as coming from 192.168.1.1. a state is created for such packets, |
|
|
# translated as coming from 192.168.1.1. a state is created for such packets, |
|
|
# and incoming packets will be redirected to the internal address. |
|
|
# and incoming packets will be redirected to the internal address. |
|
@ -29,4 +33,3 @@ |
|
|
# block in log all |
|
|
# block in log all |
|
|
# pass in on ext0 proto tcp from any to ext0 port 22 keep state |
|
|
# pass in on ext0 proto tcp from any to ext0 port 22 keep state |
|
|
# pass out on ext0 proto { tcp, udp } all keep state |
|
|
# pass out on ext0 proto { tcp, udp } all keep state |
|
|
|
|
|
|