View Single Post
  #3   (View Single Post)  
Old 26th January 2012
ocicat ocicat is offline
Administrator
 
Join Date: Apr 2008
Posts: 3,318
Default

Quote:
Originally Posted by daemonfowl View Post
what is the safest strategy to follow in pf rule set for an OpenBSD Desktop ?
This depends upon your ultimate goals. The following ruleset is simple & very restrictive:
Code:
block in all
pass out all
However, it doesn't do any logging, but maybe logging isn't important to you.

The point here is that one size doesn't fit all situations. The question is broad, & one definitive answer doesn't exist. You can help determine the answer which best fits your needs by studying:Taking the time to digest the information in these sources will help better frame your understanding & future questions.

...& of course, the pf(4) manpage is gospel.
Reply With Quote