Please help me with my PF config

Preston Hagar prestonh at gmail.com
Fri Mar 7 19:37:20 UTC 2008


On Thu, Mar 6, 2008 at 12:02 PM, Alaor Barroso de Carvalho Neto
<alaorneto at gmail.com> wrote:
> 2008/3/6, Erik Norgaard norgaard at locolomo.org:
>  I know my config is far away from a good config but it's the first time I
>  configure a firewall, and I have only basic English knowledge, I'm not
>  totally sure about what I can and I can not do, even since I read the tutorials,
>  because my English skills aren't good enough. The "IN" and "OUT" stuff is
>  very confusing for me yet.
>
>  But thanks a lot, it's working now.
>
>  Hugs,
>  Alaor Neto
>
>

It looks like you already have your problem solved.  One utility you
might want to look at is pftop.  With it, you can see pretty much in
real time what is going through pf and what is being blocked.  This
has helped me a lot to find out which rule is blocking something I
need to let through.  If you run pftop, then hit the right arrow key,
it will have the rule that is being applied for a given connection on
the far right-hand side.  If you hit SHIFT+S it will order the
connections by source IP to help you find what you are looking for.
Once you have the rule number that is blocking the connection you need
to let through, hit the right arrow 4 more times to see the list of
rules and their corresponding numbers.

It may or may not be of much use to you, but I have found pftop to be
indispensable when setting up pf firewalls.

Preston


More information about the freebsd-questions mailing list