NetBSD-Users archive


Re: pf version

> I think it is from OpenBSD 4.2 and 4.3-current. See the src/doc/3RDPARTY 
> file about it.

Pretty old. :)

> You may want to consider learning NPF which is maintained in NetBSD. 
> Probably some here can help you convert rules as needed.

I read the tutorial and stayed puzzled.
Let's try:

set skip on lo0
match in all scrub (no-df)
block in all
block out all
pass out on fxp0 proto { tcp, udp, icmp } from any to any modulate state
pass in on fxp0 proto tcp from any to any port ssh

I still have some time to consider npf.
Best regards all
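
An approximate NPF rendering of the pf rules in the message above, added here as an example; it is not from the poster or from the NetBSD project. It assumes the npf.conf(5) syntax of recent NetBSD releases; the variable $ext_if and the procedure name "norm" are names chosen for illustration.

```conf
# Added example (constructed): approximate NPF form of the pf rules above.
# $ext_if and "norm" are illustrative names, not taken from the message.
$ext_if = { inet4(fxp0) }

# pf: scrub (no-df)  ->  clear the IP "don't fragment" bit.
procedure "norm" {
	normalize: "no-df"
}

group "external" on $ext_if {
	# pf: block in all / block out all.
	# No "final" here, so a later matching "final" rule overrides it.
	block all

	# pf: pass out on fxp0 proto { tcp, udp, icmp } ... modulate state
	# One rule per protocol. "stateful" creates a state entry; NPF has
	# no counterpart to pf's TCP sequence-number modulation.
	pass stateful out final proto tcp all
	pass stateful out final proto udp all
	pass stateful out final proto icmp all

	# pf: pass in on fxp0 proto tcp from any to any port ssh
	# pf's "match in all scrub" covered all inbound traffic; here the
	# normalization is attached to the one inbound rule that passes.
	pass stateful in final proto tcp to any port ssh apply "norm"
}

group default {
	# pf: set skip on lo0
	pass final on lo0 all
	# Default deny for anything no other group has passed.
	block all
}
```

The file can be syntax-checked with `npfctl validate` before it is loaded with `npfctl reload`.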

