A way to load PF rules at startup using OpenVPN
krad
kraduk at gmail.com
Thu Jan 22 07:05:28 UTC 2015
Good spot you are right I forgot about that
On 21 Jan 2015 19:18, "Chris Ernst" <snowiswhite at gmail.com> wrote:
> Hi Atma
>
> i had similar issues with exactly the same setup. I was able to solve the
> issues by using *brackets* in pf.conf
> actually brackets specify dynamic IPs. By using brackets pf knows the IP
> may change.
>
> here is an extract out of my pf.conf
>
> user at gateway:~ # more /etc/pf.conf
> intIf = "vr3"
> extIf = "vr0"
> vpnIf = "tun0"
> [...]
> [...]
> ### filter rules
> block all
> [...]
> [...]
> # allow from vpn to internal
> pass in on $vpnIf inet proto {tcp,udp} from ($vpnIf:network) to $intNet
> keep state
> pass in on $intIf inet proto {tcp,udp} from ($vpnIf:network) to $intNet
> keep state
>
> best regards
> Chris
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-
> unsubscribe at freebsd.org"
>
More information about the freebsd-questions
mailing list