• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

pf.conf

  1. L

    This weird PF

    Hey Guys. Following problem: Inside a jail I can ping my nameserver, i can ping someones ip adress but I cant ping a domain name. I cant install pkg or anything else inside a jail, because its not working. I set up my jails with ezjail. I created a fresh jail but its not working. I have set my...
  2. D

    PF Route outgoing smtp through pptp tunnel

    I am using freeBSD 11.1-RELEASE-p6 on a raspberry PI and I can't get it to route email out though a pptp tunnel instead of the default route through the ethernet connection. If I change smtp_bind_address in postfix main.cf to the pptp tunnel address I can see the correct from address in pflog...
  3. A

    PF pf.conf and local redirection to domain

    Hi, How to properly redirect traffic from local network to domain. I have nginx, php, mysql, wordpress etc. When I am trying to open website not in wordpress using set domain it won't open, but outside network people can open without any issues. When trying to open on local address it works...
  4. A

    PF pf.conf and Network issue

    Hi, Quick question. What could be the issue why I cannot ping my jail from local machine or local machine from jail? I thought it is pf.conf rdr somewhere wrong but now I am thinking about routing table not right. I can access anything from outside to jail. I have teamspeak3 server and if I...
  5. blueCub

    Solved PF block not stopping access to my jail

    Hello there, I have a jail inside a VM. I installed Gitea inside the Jail and configured PF (nat) to forward traffic coming on port 2000 to the jail port 3000 (The gitea web application) and left port 10000 for the ssh (for git) inside the jail. All is okay so far till recently I checked my...
  6. P

    PF I have issues with the pf.conf being loaded

    I am new to Linux/BSD. I am using FREEBSD 11 . Whenever I try to initiate PF with the pf.conf as below, it gives the error as in the image. I have loaded a custom kernel as shown in altq(4). My pf.conf is, pass inet proto icmp from any to any pass log (all) proto icmp from any to any altq...
  7. P

    PF I have issues with the pf.conf being loaded

    I am new to Linux/BSD. I am using a Debian system with a KFreeBSD kernel. Whenever I try to initiate PF with the pf.conf as below, it gives the error as in the image. My pf.conf is, pass inet proto icmp from any to any pass log (all) proto icmp from any to any altq on le0 cbq bandwidth 500Kb...
  8. big_girl

    PF pf syntax for tables

    After looking here, I'm getting some unexpected errors in a simple pf.conf while just trying to use tables correctly- cat /etc/pf.conf table <martians> const { 0.0.0.0/8, 100.64.0.0/10, 127.0.0.0/8 } table <martians_10> const { 10.0.0.0/8 } table <martians_169> const { 169.254.0.0/16 } pfctl...
  9. K

    PF Firewall in OpenVPN client mode can't do port forwarding

    I have a FreeBSD firewall/router using PF with OpenVPN configured as client mode so that all my traffic goes through the vpn connection via the vpn provider. When the OpenVPN connection is active on my firewall I can't get port forwarding to work properly on the internet facing interface, this...
  10. F

    Solved NAT attribution, I Guess ?

    Hello everyone, I'm new in the word of FreeBSD and more on firewall ... I'm struggle with building a good pf.conf in order to run plex media server inside a jail. I don't know if I'm in the right topic, but after many try I guess is due to pf rules. So here is my /etc/rc.conf...
  11. D

    PF Anchor not working

    Hello all, I have an anchor for tagging packets based on their source IP origin country. For this I create a bunch of files inside /etc/firewall/tables/dynamic/ which contain the network prefixes for a certain country. For example, here is the output of head...
  12. E

    PF redirect all traffic to the local mitmproxy on MAC

    Hello, I'm trying to use mitmproxy to sniff my Android and know my Whatsapp Password. In order to do that, I read in the mitmproxy doc that I have to "redirect all traffic destined for port 80 or 443 to the local mitmproxy instance running on port 8080"...
  13. S

    PF Can PF be bypassed?

    Hi, Can anyone tell me if PF can be by-passed by an outsider(intruder)? I have an IP address that has already been in my ip.blocked table for two days and still its scans reach the web platform of the site where it is blocked by a firewall add-on/plugin at application level. Any help is welcome.
  14. quamenzullo

    Solved Questions about a pf.conf

    In order to present these questions, I think it's necessary to tell all the following circumstances. I'm playing with pf on a new server (not in production, no data on it yet, I can reinstall from scratch if necessary, but there's also a "rescue-bsd" mode that lets me mount the filesystems and...
  15. D

    Altq

    Can Someone help me with some tutorials and other things about altq? Thanks.
  16. arader

    PF Antispoof line in pf.conf kills networking?

    Hi all, I've set up a simple FreeBSD router for my network, and I'm seeing something rather confusing happen with pf. My network is essentially {internet}--{FreeBSD igb0}-{FreeBSD igb1}--{switch}--{WiFi AP} I have a pf.conf file that is very basic, the intent is allow everything "out", and drop...
  17. sidetone

    PF Guide: pf.conf quick reference

    PF is divided into the sections: * Macros - Variables are defined in this section. This simplifies changing hardware, or makes it easier to list a lot of arguments as a variable. IP's are not set here, but instead in the next section. * Tables - Variables for IP's are defined here. This can be...
Top