initial pf configuration

Littlefield, Tyler tyler at tysdomain.com
Sun Feb 10 18:46:31 UTC 2013


Hello:
This is my initial pf configuration. I'd like to make sure it's ok.
Also, if there's anything else I could do better, I would like to know. 
This is for a single public server running two servers--ssh and my mud.
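
# Interface and the TCP ports to expose (ssh and the mud)
if="em0"
tcp_services="{ 22 6666}"
# Drop blocked packets silently; skip loopback; collect statistics on $if
set block-policy drop
set skip on lo
set loginterface $if
set ruleset-optimization profile
set skip on lo
# Normalize inbound packets and reassemble fragments
scrub in on $if all fragment reassemble
# Default deny inbound, then drop packets with spoofed source addresses
block in all
antispoof quick for { $if lo }
# Allow all outbound; allow inbound to the listed ports, with pf proxying the TCP handshake
pass out from any to any
pass in on $if proto tcp from any to any port $tcp_services synproxy state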

-- 
Take care,
Ty
http://tds-solutions.net
The aspen project: a barebones light-weight mud engine:
http://code.google.com/p/aspenmud
He that will not reason is a bigot; he that cannot reason is a fool; he that dares not reason is a slave.