Hi!
As a getting-to-know FreeBSD project I'm setting up a small personal webserver. The PF rules I have for the moment:
Am I missing something that really should be there? Connection limiting seems hard with proxies etc.
Slightly OT, the only optimization I've done (FreeBSD 8, Generic amd64) is:
kern.ipc.somaxconn=1024
The same question applies here, am I missing something important?
PS. Nginx+PHP+MySQL on FreeBSD is blazingly fast
As a getting-to-know FreeBSD project I'm setting up a small personal webserver. The PF rules I have for the moment:
Code:
# Macros
EXT="em0"
# Block everything by default
block all
# Allow everything to/from localhost
pass in quick on lo0 all
pass out quick on lo0 all
# In
pass in on $EXT proto tcp from any to port {22, 80}
# Out
pass out on $EXT all
Am I missing something that really should be there? Connection limiting seems hard with proxies etc.
Slightly OT, the only optimization I've done (FreeBSD 8, Generic amd64) is:
kern.ipc.somaxconn=1024
The same question applies here, am I missing something important?
PS. Nginx+PHP+MySQL on FreeBSD is blazingly fast