Pf: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
(→Links) |
|||
| Zeile 1: | Zeile 1: | ||
| + | =start manuel= | ||
| + | *kldload pf | ||
| + | *pfctl -e | ||
=/etc/rc.conf= | =/etc/rc.conf= | ||
gateway_enable="YES" | gateway_enable="YES" | ||
| Zeile 4: | Zeile 7: | ||
pf_rules="/etc/pf.conf" | pf_rules="/etc/pf.conf" | ||
pflog_logfile="/var/log/pflog" | pflog_logfile="/var/log/pflog" | ||
| + | |||
=/etc/pf.conf= | =/etc/pf.conf= | ||
<pre> | <pre> | ||
Version vom 25. Juli 2021, 13:31 Uhr
start manuel
- kldload pf
- pfctl -e
/etc/rc.conf
gateway_enable="YES" pf_enable="YES" pf_rules="/etc/pf.conf" pflog_logfile="/var/log/pflog"
/etc/pf.conf
####################
# MACROS #
####################
wandev=re0
landev=re1
#IP_EXT="{ 192.168.1.1 }"
lan="{ 10.83.39.0/24 }"
#tcp_services="{ 22, 443 }"
####################
# TABLES #
####################
####################
# OPTIONS #
####################
####################
# TRAFFIC #
####################
####################
# QUEUEING #
####################
####################
# TRANSLATION #
####################
nat on $wandev from $lan to any -> ($wandev)
#rdr on $INET inet proto tcp to port 22 -> 192.168.2.2 22
####################
# PACKET FILTERING #
####################
pass in all
Shortview
pf deactivate
- pfctl -d
pf activate
- pfctl -e
read rules from another directory
- pfctl -ef /home/thomas/pf.conf
load default-rules
- pfctl -f /etc/pf.conf
short state info
- pfctl -s info
detailinfo to every rule
- pfctl -vs info
show firewall rules
- pfctl -sr
show NAT rules
- pfctl -sn
show all
- pfctl -sa