|
@ -1,11 +1,11 @@ |
|
|
# $OpenBSD: pf.conf,v 1.5 2002/06/22 10:19:13 henning Exp $ |
|
|
|
|
|
|
|
|
# $OpenBSD: pf.conf,v 1.6 2002/06/27 07:00:43 fgsch Exp $ |
|
|
# |
|
|
# |
|
|
# See pf.conf(5) for syntax and examples |
|
|
# See pf.conf(5) for syntax and examples |
|
|
# |
|
|
# |
|
|
# replace ext0 with external interface name, 10.0.0.0/8 with internal network |
|
|
# replace ext0 with external interface name, 10.0.0.0/8 with internal network |
|
|
# and 192.168.1.1 with external address |
|
|
# and 192.168.1.1 with external address |
|
|
|
|
|
|
|
|
# Normalize: reassemble fragments and resolve or reduce traffic ambiguities |
|
|
|
|
|
|
|
|
# Normalize: reassemble fragments and resolve or reduce traffic ambiguities |
|
|
|
|
|
|
|
|
# scrub in all |
|
|
# scrub in all |
|
|
|
|
|
|
|
@ -28,7 +28,7 @@ |
|
|
|
|
|
|
|
|
# block all incoming packets but allow ssh, pass all outgoing tcp and udp |
|
|
# block all incoming packets but allow ssh, pass all outgoing tcp and udp |
|
|
# connections and keep state |
|
|
# connections and keep state |
|
|
# log blocked pakets |
|
|
|
|
|
|
|
|
# log blocked packets |
|
|
|
|
|
|
|
|
# block in log all |
|
|
# block in log all |
|
|
# pass in on ext0 proto tcp from any to ext0 port 22 keep state |
|
|
# pass in on ext0 proto tcp from any to ext0 port 22 keep state |
|
|