Configure pf Firewall: Difference between revisions
imported>Jacob (Created page with "The philosophy we will use for the firewall is that we split in 2 or 4 paths depending on the traffic initiated outside or inside. We also split the config in tcp and udp traf...")
imported>Jacob No edit summary
Revision as of 07:48, 4 June 2019
The philosophy we will use for the firewall is to split the ruleset into 2 or 4 paths, depending on whether the traffic is initiated from outside or inside. We also split the config into TCP and UDP traffic for efficiency reasons (NOTE: link needed here to article or book). So the general layout is
### Macro definitions
# Stateful Tracking Options (STO)
# TABLES
# OPTIONS
# TRAFFIC NORMALISATION
# QUEUEING
# TRANSLATION
# PACKET FILTERING
#======================================================
# ext-if
#========================================
# ext-if IN
#===========================
# ext-if IN TCP
#===========================
# ext-if IN UDP
#===========================
# ext-if IN ICMP
#========================================
# ext-if OUT
#===========================
# ext-if OUT TCP
#===========================
# ext-if OUT UDP
#===========================
# ext-if OUT ICMP