Pf: Unterschied zwischen den Versionen
Thomas (Diskussion | Beiträge) |
Thomas (Diskussion | Beiträge) |
||
| Zeile 42: | Zeile 42: | ||
pass in all | pass in all | ||
</pre> | </pre> | ||
| + | =Shortview= | ||
| + | =pf deactivate= | ||
| + | *pfctl -d | ||
| + | =pf activate= | ||
| + | *pfctl -e | ||
| + | =read rules from another directory= | ||
| + | *pfctl -ef /home/thomas/pf.conf | ||
| + | =load default-rules= | ||
| + | *pfctl -f /etc/pf.conf | ||
| + | =short state info= | ||
| + | *pfctl -s info | ||
| + | =detailinfo to every rule= | ||
| + | *pfctl -vs info | ||
| + | |||
| + | |||
=Links= | =Links= | ||
*https://www.freebsd.org/doc/de_DE.ISO8859-1/books/handbook/firewalls-pf.html | *https://www.freebsd.org/doc/de_DE.ISO8859-1/books/handbook/firewalls-pf.html | ||
Version vom 31. Oktober 2017, 11:58 Uhr
/etc/rc.conf
# Forward IP packets between interfaces, so this host can act as the LAN's router.
gateway_enable="YES"
# Start pf at boot and load the ruleset named in pf_rules.
pf_enable="YES"
pf_rules="/etc/pf.conf"
# Log file for pflogd.
# NOTE(review): no pflog_enable="YES" appears in this excerpt, and no rule in
# the pf.conf shown on this page uses the "log" keyword, so as written nothing
# would be logged to this file. Confirm against the full rc.conf.
pflog_logfile="/var/log/pflog"
/etc/pf.conf
# Ruleset for a NAT gateway: traffic from the LAN range is translated to the
# WAN interface's address. The TABLES, OPTIONS, TRAFFIC and QUEUEING sections
# are empty, and the only filter rule is "pass in all", so this file
# translates but does not filter.
####################
# MACROS #
####################
# WAN-side and LAN-side interface names. landev is defined but not referenced
# by any rule shown here.
wandev=re0
landev=re1
#IP_EXT="{ 192.168.1.1 }"
# Source range matched by the nat rule below.
lan="{ 10.83.39.0/24 }"
# Disabled service list; nothing below references it.
#tcp_services="{ 22, 443 }"
####################
# TABLES #
####################
####################
# OPTIONS #
####################
####################
# TRAFFIC #
####################
####################
# QUEUEING #
####################
####################
# TRANSLATION #
####################
# Source-NAT packets from $lan that leave through $wandev. The parentheses in
# ($wandev) make pf follow the interface's current address rather than the
# address it had when the ruleset was loaded.
nat on $wandev from $lan to any -> ($wandev)
# Disabled port forward.
# NOTE(review): $INET is not defined in the MACROS section above, and the
# target 192.168.2.2 is outside $lan; both need checking before enabling.
#rdr on $INET inet proto tcp to port 22 -> 192.168.2.2 22
####################
# PACKET FILTERING #
####################
# NOTE(review): this passes every inbound packet on every interface, including
# $wandev. There is no "block" rule and pf passes unmatched packets by default,
# so nothing is ever dropped. The usual gateway baseline is default-deny:
# "block all" first, then explicit pass rules (pf applies the last matching
# rule), e.g. limited to $landev or to a service list like tcp_services above.
# No rule carries the "log" keyword, so pflog receives no entries.
pass in all
Shortview
pf deactivate
- pfctl -d
pf activate
- pfctl -e
enable pf and read rules from a file in another directory
- pfctl -ef /home/thomas/pf.conf
load default-rules
- pfctl -f /etc/pf.conf
short status info
- pfctl -s info
detailed status info (per-rule detail is shown by pfctl -vs rules)
- pfctl -vs info