The one I posted in http://www.daemonforums.org/showthread.php?t=4367 is quite strict, or paranoiac. It even limits ftp to a bunch of explicitly named ftp server.
IMHO allowing p2p is incompatible with security
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
|