I did a search before I posted this and I can't seem to find a definitive answer.
I'm using pf as my firewall; this is a single-interface machine without NAT. I just need to open the correct NFS listening ports.
Here is my pf.conf SO FAR for this machine.
I have a second loopback device called lo1 to allow some stuff to communicate between jails (mysql, apache).
Code:
#defined services
tcp_services = "{ssh, smtp, domain, ftp, www, pop3, auth, https, pop3s, 137, 138, 139, 51500, 10000 }"
udp_services = "{ domain, ftp, ntp, 137, 138, 139, 1900 }"
#interface for all ip's on em0
int="re0"
#log interface
set loginterface $int
#default block rule
block all
#allow traffic to/from localhost
pass in quick on lo0 all
pass in quick on lo1 all
pass out quick on lo0 all
pass out quick on lo1 all
#default pass in for our defined services
pass in on $int proto tcp from any to any port $tcp_services keep state
pass in on $int proto udp from any to any port $udp_services keep state
#pass in for all torrentflux-b4rt services
pass in quick on $int proto tcp from any to any port 49160:49300 keep state
# allow everything else out
pass out on $int proto tcp from any to any keep state
pass out on $int proto udp from any to any keep state