PF Is it possible to transfer firewall rules between different FreeBSD derivatives?

hack3rcon · 2026-05-31T11:04:36+0100

Hello,
I read the article https://cybernomad.online/dark-web-building-a-tor-gateway-7a7dfa45884f and implemented it. I want to port this implementation to FreeBSD. Is it possible?

Thank you.

shurik · 2026-05-31T11:37:50+0100

Yes, just install security/tor, configure DNS server( for ex. local-unbound(8)) and put this simple rules into /etc/pf.conf:

Code:

ext_if="igb0"
int_if="igb1"

block all
pass out quick on $int_if
pass out quick on $ext_if nat-to $ext_if
pass in quick on $int_if proto {tcp,udp} from $int_if:network to $int_if port 53
pass in quick on $int_if proto tcp from $int_if:network to $int_if port 22
pass in quick on $int_if proto tcp from $int_if:network to $int_if port {80,443} rdr-to 127.0.0.1 port 9040

where igb0 is your external interface and igb1 is internal. Please note, it is a very general rules and they may be adjusted according to your goals.

drhowarddrfine · 2026-05-31T12:02:18+0100

You are either using FreeBSD or you are not. This isn't Linux.

PF Is it possible to transfer firewall rules between different FreeBSD derivatives?

hack3rcon

shurik

drhowarddrfine