View Single Post
Old 3rd December 2017
e1-531g e1-531g is offline
VPN Cryptographer
 
Join Date: Mar 2014
Posts: 397
Default

Quote:
Originally Posted by johnR View Post
I'm using these lines in pf.conf on the PC which I'm using to post here:

block in all
pass out all

This does the job for now while I learn more about pf, mainly from reading the Hansteen book. The above lines and what they do are described on page 17 of the book (3rd edition). I'm just an OpenBSD noob though, so I would strongly recommend that you follow jggimi's advice and learn what these rules do before blindly copying them.
Usually it is good to skip block in rule on internal interface, regardless that local process IPC should be done by Unix domain sockets. Example:
Code:
set skip on lo0
__________________
Signature: Furthermore, I consider that systemd must be destroyed.
Based on Latin oratorical phrase
Reply With Quote