Hi,
I just installed security/openvpn and I have the following up.sh and down.sh for the OpenVPN server I run on my firewall
/usr/local/etc/openvpn/up.sh
/usr/local/etc/openvpn/down.sh
In /etc/pf.conf I add
Do I put this line just after the
I just installed security/openvpn and I have the following up.sh and down.sh for the OpenVPN server I run on my firewall
/usr/local/etc/openvpn/up.sh
Code:
#!/bin/sh
ANCHOR="openvpn"
/sbin/ifconfig ${dev} inet6 -ifdisabled
/sbin/pfctl -a ${ANCHOR} -F rules
/sbin/pfctl -a ${ANCHOR} -F nat
/sbin/pfctl -a ${ANCHOR} -f - <<EOT
nat on ${OPENVPN_wan} inet from ${dev}:network to any -> (${OPENVPN_wan}:0) port 1024:65535
pass quick on ${dev} all
pass in quick on ${OPENVPN_wan} inet proto udp from any to (${OPENVPN_wan}) port ${local_port_1}
EOT
Code:
#!/bin/sh
/sbin/pfctl -a openvpn -F rules
/sbin/pfctl -a openvpn -F nat
rdr-anchor "openvpn"
andthe question that I have now is where does anchor "openvpn"
go in the file?Do I put this line just after the
block log all
rule or before?
Last edited by a moderator: