In http://www.daemonforums.org/showthread.php?t=4367 I give an example of a pf ruleset protecting a desktop machine with only one NIC.
To protect a network or multiple machines, you really need 2 NICs else it won't work 
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
|