Configure pf Firewall
The philosophy we use for the firewall is to split the rules into 2 or 4 paths, depending on whether the traffic is initiated from outside or from inside. We also split the configuration into TCP and UDP traffic for efficiency reasons (see: NOTE link needed here to article or book). The general layout of the pf file is therefore:
Macro Definitions
Stateful Tracking Options (STO)
TABLES
OPTIONS
TRAFFIC NORMALISATION
QUEUEING
TRANSLATION
PACKET FILTERING
#======================================================
# ext-if
#========================================
# ext-if IN
#===========================
# ext-if IN TCP
#===========================
# ext-if IN UDP
#===========================
# ext-if IN ICMP
#========================================
# ext-if OUT
#===========================
# ext-if OUT TCP
#===========================
# ext-if OUT UDP
#===========================
# ext-if OUT ICMP
#======================================================
# int-if
#========================================
# int-if IN
#===========================
# int-if IN TCP
#===========================
# int-if IN UDP
#===========================
# int-if IN ICMP
#========================================
# int-if OUT
#===========================
# int-if OUT TCP
#===========================
# int-if OUT UDP
#===========================
# int-if OUT ICMP
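The following is an added, complete pf.conf skeleton that fills in the layout above; it is example code written for this page, not the author's own ruleset. It assumes OpenBSD-style pf syntax (match/scrub, nat-to), interface names em0/em1, an internal network of 192.168.1.0/24 and a default-deny policy; all of these are constructed values and should be adapted to the real host.

```pf
# ----- Macro Definitions (assumed values) -----
ext_if  = "em0"                 # external interface, constructed
int_if  = "em1"                 # internal interface, constructed
int_net = "192.168.1.0/24"      # internal network, constructed
tcp_in_services  = "{ ssh, https }"        # TCP services offered to the outside
tcp_out_services = "{ ssh, http, https }"  # TCP the LAN may initiate outbound
udp_out_services = "{ domain, ntp }"       # UDP the LAN may initiate outbound

# ----- Stateful Tracking Options (STO) -----
# Rate-limit new connections from one source and push abusers into a table.
sto_public = "(max-src-conn 50, max-src-conn-rate 15/5, overload <bruteforce> flush global)"

# ----- TABLES -----
table <bruteforce> persist
table <rfc1918> const { 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 }

# ----- OPTIONS -----
set skip on lo0
set block-policy drop
set loginterface $ext_if
set state-policy if-bound

# ----- TRAFFIC NORMALISATION -----
match in all scrub (no-df random-id max-mss 1440)

# ----- QUEUEING -----
# (none in this example)

# ----- TRANSLATION -----
match out on $ext_if inet from $int_net to any nat-to ($ext_if)

# ----- PACKET FILTERING -----
block log all                                  # default deny, logged
antispoof quick for { lo0 $ext_if $int_if }
block in quick on $ext_if from <bruteforce>    # sources that hit the STO limits
block in quick on $ext_if from <rfc1918>       # private ranges must not arrive from outside

#======================================================
# ext-if
#========================================
# ext-if IN
#===========================
# ext-if IN TCP
pass in on $ext_if inet proto tcp from any to ($ext_if) port $tcp_in_services \
    flags S/SA keep state $sto_public
#===========================
# ext-if IN UDP
# (no UDP services offered externally)
#===========================
# ext-if IN ICMP
pass in on $ext_if inet proto icmp icmp-type echoreq
#========================================
# ext-if OUT
#===========================
# ext-if OUT TCP
pass out on $ext_if inet proto tcp from ($ext_if) to any port $tcp_out_services
#===========================
# ext-if OUT UDP
pass out on $ext_if inet proto udp from ($ext_if) to any port $udp_out_services
#===========================
# ext-if OUT ICMP
pass out on $ext_if inet proto icmp icmp-type echoreq

#======================================================
# int-if
#========================================
# int-if IN
#===========================
# int-if IN TCP
pass in on $int_if inet proto tcp from $int_net to any port $tcp_out_services
#===========================
# int-if IN UDP
pass in on $int_if inet proto udp from $int_net to any port $udp_out_services
#===========================
# int-if IN ICMP
pass in on $int_if inet proto icmp from $int_net to any icmp-type echoreq
#========================================
# int-if OUT
#===========================
# int-if OUT TCP
pass out on $int_if inet proto tcp from ($int_if) to $int_net port ssh
#===========================
# int-if OUT UDP
pass out on $int_if inet proto udp from ($int_if) to $int_net port domain
#===========================
# int-if OUT ICMP
pass out on $int_if inet proto icmp from ($int_if) to $int_net icmp-type echoreq
```

Check the syntax before loading with `pfctl -nf /etc/pf.conf` (parse only), and load it with `pfctl -f /etc/pf.conf`. Because all pass rules are stateful, reply packets are matched by the state table and need no mirrored rules; forwarded LAN traffic only needs the `pass in on $int_if` rule plus the matching `pass out on $ext_if` rule, which is why the inbound and outbound sections list the same service macros.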