PF how it works

Eric A. Borisch · Jul 8, 2019

In and out are with respect to the (typically physical) interface on the machine with the pf rules. For a router acting as a firewall, a packet from a private host going to the Internet, will come in (to the router) on the private interface, and go out on the public interface, while return packets from the connection will come in on the public and out on the private. So “in” and “out” don’t know anything about what you consider internal or external, they only know about the direction a packet is going on a physical interface.

ravinew1 · Jul 8, 2019

Very sily question I think. How can a NIC card or interface knows which is incoming traffic and out going traffic.(by seeing ip address, it will decide I think)

tommiie · Jul 8, 2019

ravinew1 said:
Very sily question I think. How can a NIC card or interface knows which is incoming traffic and out going traffic.(by seeing ip address, it will decide I think)

If the interface receives a packet, it is incoming. If the interface sends out a packet on to the network, it is outgoing.

ravinew1 · Jul 9, 2019

i need suggestion in writing rules for accessing multiple SSH Clients on internal network from external network.

suppose my external system ip is 192.168.43.51, using through firewall ,i should able to access SSH interface of multiple clients.

tommiie · Jul 9, 2019

You should really read a book on the basics of networking as well as read the documentation of the PF firewall.

PF how it works

Eric A. Borisch

ravinew1

tommiie

ravinew1

tommiie