PF and Bastille

Dear friends,
I configured Bastille and it works well,
but there is another problem which I don't know how to handle.

Internet > Firewall > VMWare > FreeBSD > BastilleOS

How can I configure BastilleOS to access the Internet?

I want to access the Internet from my BastilleOS.
And
how can I configure FreeBSD PF to NAT to BastilleOS from the Internet?

Here is my configuration:
Code:
ext_if="em0"

set block-policy return
scrub in on $ext_if all fragment reassemble
set skip on lo

table <jails> persist
nat on $ext_if from <jails> to any -> ($ext_if)

## static rdr example
# rdr pass inet proto tcp from any to any port {80, 443} -> 10.17.89.45

## Enable dynamic rdr (see below)
rdr-anchor "rdr/*"

block in all
pass out quick modulate state
antispoof for $ext_if inet
pass in inet proto tcp from any to any port ssh flags S/SA keep state

## make sure you also open up ports that you are going to use for dynamic rdr
# pass in inet proto tcp from any to any port <rdr-start>:<rdr-end> flags S/SA keep state
# pass in inet proto udp from any to any port <rdr-start>:<rdr-end> flags S/SA keep state
 