pf firewall

Hi, I have a problem with my PF it seems after all verification made with pfctl -vnf /etc/pf.conf NOT with the rulesets but number of tables and the size of it. Can be adjusted this situation? I can't control the size of tables for zones because are country based IP net blocks. So first I...

Hi, I want to setup PF for round-robin NAT and ipfw for traffic shaping and filtering, but I can't find an appropriate description of a packet trip through firewalls in FreeBSD. So if I'll specify in rc.conf: firewall_enable="YES" dummynet_enable="YES" pf_enable="YES" will it mean that packet...

Recently I started dabbling with Packet_Filter (PF) to set up my firewall. So far I read a bit in the PF Handbook and our FreeBSD Handbook (chapter on PF). The firewall works fine and the rules seem sane. However, I cannot connect to #freenode with PF enabled. Does anyone know any pass command...

I met a trouble wit synproxy and net/haproxy. I've installed net/haproxy on server 10.0.0.2, I tried to apply synproxy in front of our webserver, but it didn't work. Here's the rule I used: pass in on $ext_if proto tcp from 10.0.0.10 to 10.0.0.2 flags S/SA synproxy state It worked with 'keep...

PF is divided into the sections: * Macros - Variables are defined in this section. This simplifies changing hardware, or makes it easier to list a lot of arguments as a variable. IP's are not set here, but instead in the next section. * Tables - Variables for IP's are defined here. This can be...