I would like to enable ssh but only allow a specific LAN client to access the server. Below is my setup:
Code:
internet
|
|
cable modem
|
|
---- dynamic wan ip (em0) ----
| |
| openbsd |
| |
----- 10.255.255.1 (em1) -----
|
|
wireless access point
10.255.255.2
|
|
--------------------
| |
| |
10.255.255.100 10.255.255.101
desktop netbook
I would like to allow 10.255.255.101 to access the ssh server. Obviously this is LAN access only so I don't want any possible access to the ssh server from the internet. Could someone assist with providing a suggestion on a pf rule or rules to help me accomplish this. The wireless access point isn't doing any packet filtering. Thank you.