PF Is it possible to transfer firewall rules between different FreeBSD derivatives?

Yes, just install security/tor, configure a DNS server (e.g. local-unbound(8)) and put these simple rules into /etc/pf.conf:
Code:
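ext_if="igb0"    # external interface
int_if="igb1"    # internal interface

# default deny
block all
# allow traffic leaving the firewall; NAT what goes out the external interface
pass out quick on $int_if
pass out quick on $ext_if nat-to $ext_if
# LAN clients may reach DNS and SSH on the firewall's internal address
pass in quick on $int_if proto {tcp,udp} from $int_if:network to $int_if port 53
pass in quick on $int_if proto tcp from $int_if:network to $int_if port 22
# HTTP/HTTPS from the LAN to the internal address is redirected to 127.0.0.1:9040
pass in quick on $int_if proto tcp from $int_if:network to $int_if port {80,443} rdr-to 127.0.0.1 port 9040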
where igb0 is your external interface and igb1 is the internal one. Please note, these are very general rules and they may be adjusted according to your goals.

Hello,
Thank you so much for your reply.
My pfSense only has one network card.