PF one source IP allow SSH

Hello

I just want to allow SSH access from one IP address. How do I configure PF for this?


pass in on vtnet0 inet proto tcp from x.x.x.x to any flags S/SA keep state
block drop in on vtnet0 proto tcp from any to any port = ssh


Thanks.
 
PF doesn't stop processing when it matches a rule, and the last match tells it to block. Either add the quick keyword to your pass rule or change the order.
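The fix described in that reply, written out as a complete ruleset. This is an added example, not the original poster's file or the replier's; it assumes vtnet0 is the Internet-facing interface, uses x.x.x.x as a placeholder for the single trusted client address, and narrows the pass rule to port ssh instead of all TCP.

```pf
# Added example /etc/pf.conf, not from the thread.
# Assumptions: vtnet0 faces the Internet; x.x.x.x is the one trusted
# client (placeholder, replace it).
ext_if   = "vtnet0"
admin_ip = "x.x.x.x"

set skip on lo0
scrub in all fragment reassemble

# Default deny for everything arriving on the external interface.
# Logged so refused attempts can be seen on pflog0 (tcpdump -n -e -ttt -i pflog0).
block drop in log on $ext_if all

# The host may initiate anything it likes.
pass out on $ext_if all flags S/SA keep state

# "quick" ends evaluation at this rule: a later matching block rule can no
# longer override it. Without quick, PF keeps evaluating and the LAST match
# wins, which is exactly why the poster's trailing "block ... port = ssh"
# defeated the pass rule written above it. ($ext_if) means "the addresses
# currently configured on vtnet0" and follows them if they change.
pass in quick on $ext_if inet proto tcp from $admin_ip to ($ext_if) port ssh \
    flags S/SA keep state
```

Check the syntax without loading anything with `pfctl -nf /etc/pf.conf`, load with `pfctl -f /etc/pf.conf`, and confirm the resulting order with `pfctl -sr`. The same effect is obtained without quick by listing the block rule first and the pass rule last, since the last match wins. `flags S/SA keep state` is already the default for TCP on FreeBSD's pf and is kept only to match the thread's style. Do the first load from the console, or with a fallback such as `echo 'pfctl -d' | at now + 5 minutes` that you cancel once SSH still works, because a mistake here locks you out.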
 
Many thanks.


scrub in all fragment reassemble
pass out all flags S/SA keep state
block drop in log all
pass in on vtnet0 inet proto tcp from X.X.X.X to any flags S/SA keep state
# note: this rule matches SSH from any source address, not only X.X.X.X
pass in on vtnet0 inet proto tcp from any to any port = ssh flags S/SA keep state
pass in on vtnet0 inet proto icmp from X.X.X.X to any keep state


I learned. First I blocked all incoming traffic and allowed outgoing traffic. So I just write the transition rules on top of the rules I have built.

Now I'm curious about:

  1. How do I block port scans?
  2. How can I write a single rule for multiple ports?
(For example, assign a variable to TCP ports like 25, 22, 21 and allow them with one rule.)


12.0-RELEASE
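The two questions above, as an added example that is not from the thread. It assumes the same vtnet0 interface and placeholder x.x.x.x, and uses pf's own tools: a macro holding a port list for the several ports, a table for the trusted sources, and the overload mechanism to move any source that opens connections too fast into a block table. The caveat a practitioner wants: pf has no port-scan detector as such. Overload only counts connections that match a stateful pass rule, so a host probing closed ports is merely logged by the default block rule; if you want those hosts blocked, something that reads pflog (or the auth logs) has to feed them into a table with `pfctl -t ... -T add`.

```pf
# Added example, not the original poster's ruleset.
# Assumptions: vtnet0 faces the Internet; x.x.x.x is a placeholder trusted address.
ext_if = "vtnet0"

# One macro holds every TCP port the trusted hosts may reach; names or numbers work.
tcp_services = "{ 21, 22, 25 }"

# Trusted sources live in a table, editable at runtime without a reload:
#   pfctl -t trust -T add 203.0.113.5      (address is a placeholder)
table <trust> { x.x.x.x }

# Filled by the overload clause below; "persist" keeps it across ruleset reloads.
table <bruteforce> persist

set skip on lo0
scrub in all fragment reassemble

block drop in log on $ext_if all
pass out on $ext_if all flags S/SA keep state

# Sources that tripped the rate limit are dropped before anything else is considered.
block drop in quick on $ext_if from <bruteforce>

# One rule, three ports, trusted sources only.
# max-src-conn-rate 10/30: more than 10 new connections from one source within
# 30 seconds puts that source into <bruteforce>; "flush global" also tears down
# the states it already has. A trusted host can be compromised too, so the
# limit applies to it as well.
pass in quick on $ext_if inet proto tcp from <trust> to ($ext_if) port $tcp_services \
    flags S/SA keep state \
    (max-src-conn-rate 10/30, overload <bruteforce> flush global)
```

Inspect the block table with `pfctl -t bruteforce -T show`, release a host with `pfctl -t bruteforce -T delete <addr>`, or age entries out from cron with `pfctl -t bruteforce -T expire 86400`. The port list can also be written inline as `port { 21, 22, 25 }` if you prefer not to use a macro.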
 
Hello,

Thanks for the answer. I did it using PF. Now I'm trying to block IP addresses at the country level. Unfortunately we cannot use GeoIP here.


block in log all
pass in on $ext_if inet proto icmp from <trust> to any keep state
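A file-backed table is the pf-native way to block a large address list when no GeoIP package is available; this is an added example, not the poster's configuration. It assumes $ext_if and <trust> are defined as in the snippet above, and that you obtain the per-country prefixes yourself (the regional Internet registries publish delegation files that list allocations by country code). The two prefixes shown in the comment are constructed placeholders from documentation ranges, not real country allocations.

```pf
# Added example, not from the thread. Drops every prefix listed in a file.
ext_if = "vtnet0"
table <trust> { x.x.x.x }

# /etc/pf/blocked-countries holds one CIDR per line, for example (placeholders):
#   192.0.2.0/24
#   198.51.100.0/24
# The file must exist (it may be empty) when the ruleset loads. "persist" keeps
# the table even while no rule references it, and the list is refreshed without
# reloading the whole ruleset:
#   pfctl -t blocked_countries -T replace -f /etc/pf/blocked-countries
table <blocked_countries> persist file "/etc/pf/blocked-countries"

set skip on lo0

block drop in log all

# Trusted hosts are admitted before the country list is consulted, so a trusted
# address that happens to fall inside a blocked range stays reachable.
pass in quick on $ext_if inet proto tcp from <trust> to ($ext_if) port ssh \
    flags S/SA keep state
pass in quick on $ext_if inet proto icmp from <trust> to any keep state

# Everything else from a listed prefix is dropped here, before any later pass
# rule for public services can admit it.
block drop in log quick on $ext_if from <blocked_countries>

# ... pass rules for publicly reachable services follow here
```

Check how many entries loaded with `pfctl -t blocked_countries -T show | wc -l`, and test a single address against the table with `pfctl -t blocked_countries -T test 192.0.2.7`.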
 