I am using FreeBSD 12.1-RELEASE, amd64. After installing the PF firewall, I am now getting this message:
server ntpd: error resolving pool 0.freebsd.pool.ntp.org: Name does not resolve (8)
I am not new to FreeBSD, but I am new to PF firewall.
Also, I have blocked myself out of ssh and my webmin application.
I would appreciate any help.
Thanks in advance. Here is my pf.conf:
Code:
pub_ip="xxx.yyy.zzz.aaa"
work_ip="192.168.1.zzz"
ext_if="em0"
int_if="lo1"
int_net="192.168.1.yyy/255"
icmp_type = "{ echoreq unreach }"
table <spamd-white> persist
table <bruteforce> persist
table <webcrawlers> persist
table <rfc6890> { 0.0.0.0/8 10.0.0.0/8 100.64.0.0/10 127.0.0.0/8 169.254.0.0/16 \
172.16.0.0/12 192.0.0.0/24 192.0.0.0/29 192.0.2.0/24 192.88.99.0/24 \
192.168.0.0/16 198.18.0.0/15 198.51.100.0/24 203.0.113.0/24 240.0.0.0/4 \
255.255.255.255/32 }
set skip on lo
scrub in all fragment reassemble max-mss 1440
nat on $ext_if inet from !($ext_if) -> ($ext_if:0)
no rdr on $ext_if proto tcp from <spamd-white> to any port smtp
antispoof quick for { lo $ext_if }
block in quick on $ext_if from <rfc6890>
block return out quick on egress to <rfc6890>
block on $ext_if from <badhosts> to any
block all
pass in on $ext_if proto tcp from $work_ip to ($ext_if) port { 22 80 443 3306 10000 11000 } keep state (max-src-conn 15, max-src-conn-rate 3/1, overload <bruteforce> flush global)
pass out on $ext_if proto tcp from $ext_if to any port { 22 80 443 3306 10000 11000 } keep state
pass in on $ext_if inet proto icmp from any to ($ext_if) icmp-type $icmp_type
pass inet proto icmp icmp-type $icmp_type
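
Added example, not part of the original post: a filter section that keeps the post's default-deny policy but shows the two things the symptoms point to, rule order around `quick` and the missing outbound DNS/NTP exceptions. `admin_ip` and `tcp_svc` are hypothetical macros and `192.168.1.50` is a constructed address; the interface name, tables and port list are taken from the post.

```pf
# Constructed placeholder: use the source address the server actually sees
# for the management workstation.
admin_ip = "192.168.1.50"
ext_if   = "em0"
tcp_svc  = "{ 22 80 443 3306 10000 11000 }"   # port list from the post

table <bruteforce> persist
table <rfc6890> { 0.0.0.0/8 10.0.0.0/8 100.64.0.0/10 127.0.0.0/8 169.254.0.0/16 \
    172.16.0.0/12 192.0.0.0/24 192.0.0.0/29 192.0.2.0/24 192.88.99.0/24 \
    192.168.0.0/16 198.18.0.0/15 198.51.100.0/24 203.0.113.0/24 240.0.0.0/4 \
    255.255.255.255/32 }

set skip on lo

# Default deny. Without "quick" the last matching rule wins, so every
# pass rule below is an explicit exception to this line.
block all

# Sources that tripped the overload limits are dropped before anything else.
# An overload table has no effect unless some rule blocks on it.
block in quick on $ext_if from <bruteforce>

# Management access comes before the bogon block. "quick" stops evaluation
# at the first match, so an admin_ip inside 192.168.0.0/16 would otherwise
# be dropped by the <rfc6890> rule and never reach a later pass rule.
pass in quick on $ext_if inet proto tcp from $admin_ip to ($ext_if) port $tcp_svc \
    keep state (max-src-conn 15, max-src-conn-rate 3/1, overload <bruteforce> flush global)

# Bogon sources are dropped for everyone else.
block in quick on $ext_if from <rfc6890>

# Outbound name resolution (53/udp and 53/tcp) and time sync (123/udp).
# "block all" drops these unless they are passed, which is what makes ntpd
# report "Name does not resolve".
pass out on $ext_if inet proto { tcp udp } from ($ext_if) to any port 53
pass out on $ext_if inet proto udp from ($ext_if) to any port 123

# Outbound TCP to the same ports the post allowed.
pass out on $ext_if inet proto tcp from ($ext_if) to any port $tcp_svc
```

`pfctl -nf /etc/pf.conf` parses a ruleset without loading it, which is worth running from the console before applying changes to a remote machine.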