port stealth mode?

Jeremy Chadwick koitsu at FreeBSD.org
Wed Aug 20 14:38:55 UTC 2008

On Wed, Aug 20, 2008 at 04:13:01PM +0200, Leslie Jensen wrote:
> I've done some testing with Steve Gibsons "Shields up"
> https://www.grc.com/x/ne.dll?bh0bkyd2
> These tests lists the ports as closed but visible.
> Instead the site suggest that one uses stealth so that the ports are not  
> visible from the Internet.
> Is there a way to achieve this with PF?

The "block" directive, along with "set block-policy drop" should suffice
for accomplishing this in pf.

| Jeremy Chadwick                                jdc at parodius.com |
| Parodius Networking                       http://www.parodius.com/ |
| UNIX Systems Administrator                  Mountain View, CA, USA |
| Making life hard for others since 1977.              PGP: 4BD6C0CB |

More information about the freebsd-pf mailing list