How to test a firewall with NAT?
alexander.shevchenko at itv.ru
Sun Nov 19 01:12:31 PST 2006
You can use the "-n" flag to parse the rules before loading them:
pfctl -nvvv -f /etc/pf.conf
Look at this port: /usr/ports/sysutils/pftop
pftop displays the active packetfilter states, rules, and queues.
From: owner-freebsd-net at freebsd.org [mailto:owner-freebsd-net at freebsd.org]
On Behalf Of Gregory Edigarov
Sent: Friday, November 17, 2006 1:25 PM
To: freebsd-net at freebsd.org
Subject: How to test a firewall with NAT?
I am trying to move one of my servers/routers from Linux/iptables to
FreeBSD/pf, and need a methodology for testing the pf firewall ruleset
before it goes into production. I cannot experiment on a live network,
because it's a busy server.
I only have one other machine available.
What can I do and what tool can you recommend?
With best regards,
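
The parse-before-load check suggested in the reply, as an added example that is not part of the original thread: a wrapper that installs a candidate ruleset only when "pfctl -n" accepts it. The function names, the PFCTL override and the file paths are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the thread): install a pf ruleset only if
# "pfctl -n" parses it cleanly. PFCTL can be overridden for dry runs.
PFCTL="${PFCTL:-pfctl}"

# check_ruleset FILE
# Parse FILE without loading it (-n). -vvv prints the expanded rules so
# macros, tables and nat/rdr lines can be reviewed. Returns pfctl's status.
check_ruleset() {
    if [ ! -r "$1" ]; then
        echo "check_ruleset: cannot read $1" >&2
        return 2
    fi
    "$PFCTL" -nvvv -f "$1"
}

# safe_install CANDIDATE LIVE
# 1. refuse the candidate if the parse fails (LIVE is not touched)
# 2. keep a copy of LIVE as LIVE.bak
# 3. copy the candidate over LIVE and load it
# 4. if the load fails, put the backup file back
safe_install() {
    candidate=$1
    live=$2
    if ! check_ruleset "$candidate"; then
        echo "safe_install: $candidate rejected, $live unchanged" >&2
        return 1
    fi
    if [ -f "$live" ]; then
        cp -p "$live" "$live.bak" || return 3
    fi
    cp "$candidate" "$live" || return 3
    if ! "$PFCTL" -f "$live"; then
        echo "safe_install: load failed, restoring $live.bak" >&2
        [ -f "$live.bak" ] && cp -p "$live.bak" "$live"
        return 4
    fi
    return 0
}

# Typical use on the router (paths are assumptions):
#   safe_install /etc/pf.conf.new /etc/pf.conf
```

A clean parse only shows that the syntax is valid; whether the NAT and filter rules do what is intended still has to be checked against test traffic, for example from the second machine.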