PF question

Doug Niven dniven at ucsc.edu
Fri Feb 10 22:50:55 UTC 2017


Hi Folks,

This may be a little off-topic but I know there are some PF experts out there...

The following PF rule successfully blocks out "off campus" traffic to
port 22, but it only blocks it if the interface name is "en0".

How can I tweak this so it will block out port 22 for ANY/ALL
interfaces on the host, even if I don't know their names?


     table <friendlies> { 111.222.0/16, 222.333.0.0/16 } persist
     block in proto tcp from any to any port {22}
     pass in on en0 proto tcp from <friendlies> to (en0) port {22} flags S/SA keep state

Thanks in advance for your expertise.

Doug
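
One interface-independent form of the ruleset above, as an added example that is not part of the original post: a pf rule with no `on <interface>` clause matches on every interface, and `to any` stands in for the `(en0)` address. The table networks are constructed documentation ranges (an assumption), not the poster's.

```pf
# Constructed placeholder networks (RFC 5737 documentation ranges);
# substitute the real on-campus prefixes.
table <friendlies> persist { 192.0.2.0/24, 198.51.100.0/24 }

# Default: drop inbound SSH on every interface (no "on <if>" clause).
block in proto tcp from any to any port 22

# Without "quick" the last matching rule wins, so this pass rule
# overrides the block for sources in <friendlies>, on any interface.
pass in proto tcp from <friendlies> to any port 22 flags S/SA keep state
```

Running `pfctl -nf` on the edited file parses the rules without loading them, which catches syntax errors before the live ruleset changes.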


More information about the freebsd-questions mailing list