This is what I have come up with so far.
It does work but I question how protected I am....
Should I be filtering the output also???
Is there a gui front end for PF?
Thanks!!
It does work but I question how protected I am....
Should I be filtering the output also???
Is there a gui front end for PF?
Thanks!!
Code:
# Set some variables for use later
ext_if="fxp0"
int_if="xl0"
icmp_types="echoreq"
# Skip all loopback traffic
set skip on lo
# Scrub all traffic
scrub in
# Perform NAT on external interface
nat on $ext_if from $int_if:network -> ($ext_if:0)
# Define default behavior
block in log(all)
pass out keep state
# Allow inbound traffic on internal interface
pass quick on $int_if
# Protect against spoofing
antispoof quick for { lo $int_if }