Configure pf Firewall: Difference between revisions
Jump to navigation
Jump to search
imported>Jacob No edit summary |
imported>Jacob No edit summary |
||
| Line 10: | Line 10: | ||
==== OPTIONS ==== | ==== OPTIONS ==== | ||
==== TRAFFIC NORMALISATION ==== | |||
==== QUEUEING ==== | |||
==== TRANSLATION ==== | |||
==== PACKET FILTERING ==== | |||
#====================================================== | #====================================================== | ||
# ext-if | # ext-if | ||
Revision as of 08:54, 4 June 2019
The philosophy we will use for the fire wall is that we split in 2 or 4 paths depending on the traffic initiated outside or inside. We als split the config in tcp and udp traffic for efficiency reasons see: NOTE link needed here to article or book. So the general layout of the pf file is
Macro Definitions
Stateful Tracking Options (STO)
TABLES
OPTIONS
TRAFFIC NORMALISATION
QUEUEING
TRANSLATION
PACKET FILTERING
#====================================================== # ext-if #======================================== # ext-if IN #=========================== # ext-if IN TCP #=========================== # ext-if IN UDP #=========================== # ext-if IN IMCP #======================================== # ext-if OUT #=========================== # ext-if OUT TCP #=========================== # ext-if OUT UDP #=========================== # ext-if OUT IMCP #====================================================== # int-if #======================================== # int-if IN #=========================== # int-if IN TCP #=========================== # int-if IN UDP #=========================== # int-if IN ICMP #======================================== # int-if OUT #=========================== # int-if OUT TCP #=========================== # int-if OUT UDP #=========================== # int-if OUT ICMP