I'm following the handbook here: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/book.html#firewalls-pf
My /etc/pf.conf looks like this since "The simplest possible ruleset is for a single machine that does not run any services and which needs access to one network, which may be the Internet."
In the terminal...
Is it safe to ignore those ALTQ messages? And does my pf.conf look fine? Or is there a better/safer ruleset?
Thanks.
My /etc/pf.conf looks like this since "The simplest possible ruleset is for a single machine that does not run any services and which needs access to one network, which may be the Internet."
Code:
tcp_services = "{ ssh, smtp, domain, www, pop3, auth, pop3s }"
udp_services = "{ domain }"
block in all
pass out all keep state
pass inet proto icmp from $localnet to any keep state
pass inet proto icmp from any to $ext_if keep state
In the terminal...
Code:
# service pf start
Enabling pfNo ALTQ support in kernel
ALTQ related functions disabled
No ALTQ support in kernel
ALTQ related functions disabled
# service pflog start
Starting pflog.
# pfctl -e
No ALTQ support in kernel
ALTQ related functions disabled
pfctl: pf already enabled
# pfctl -f /etc/pf.conf
No ALTQ support in kernel
ALTQ related functions disabled
Is it safe to ignore those ALTQ messages? And does my pf.conf look fine? Or is there a better/safer ruleset?
Thanks.