D
dns
Guest
Here is my pf.conf
(1).Peoples can't connect to hlds server when firewall status is 'on';
(2).I want share internet and ignore this line 'set skip on rl0' (how to)
Please see my pf.conf
(1).Peoples can't connect to hlds server when firewall status is 'on';
(2).I want share internet and ignore this line 'set skip on rl0' (how to)
Please see my pf.conf
Code:
# See pf.conf(5) and /usr/share/examples/pf for syntax and examples.
# Remember to set net.inet.ip.forwarding=1 and/or net.inet6.ip6.forwarding=1
# in /etc/sysctl.conf if packets are to be forwarded between interfaces.
ext_if="nfe0"
int_if="rl0"
table <spamd-white> persist
set skip on lo0
set skip on rl0
scrub in
#nat-anchor "ftp-proxy/*"
#rdr-anchor "ftp-proxy/*"
nat on $ext_if from !($ext_if) -> ($ext_if:0)
#rdr pass on $int_if proto tcp to port ftp -> 127.0.0.1 port 8021
#no rdr on $ext_if proto tcp from <spamd-white> to any port smtp
#rdr pass on $ext_if proto tcp from any to any port smtp \
# -> 127.0.0.1 port spamd
anchor "ftp-proxy/*"
block in
pass out
pass quick on $int_if no state
antispoof quick for { lo $int_if }
pass in on $ext_if proto tcp to ($ext_if) port {22,80,137,138,139,455,28960,31337}
pass in on $ext_if proto {tcp,udp} to ($ext_if) port {27015,27016,27050,27052}
pass in log on $ext_if proto tcp to ($ext_if) port smtp
pass in log on $ext_if proto tcp to ($ext_if) port smtp
pass out log on $ext_if proto tcp from ($ext_if) to port smtp
pass in on $ext_if inet proto icmp from any to ($ext_if) icmp-type { unreach, redir, timex }