Quote:
ocicat, that's from daemonfowl blindly copying and pasting from FAQ 6.9, without comprehension. Only NIC names were changed.
That's right Teacher! & I hope you're not shocked .. well it's really my 1st attempt to play with pf :-)
I've changed that line .. 'up' is enough so it will use autoselect (defaults) .. but if you deem simplification is better I may do without the bridge.
There was a contribution by oko, an example of a working pf.conf that maybe I can elaborate on to meet my needs, and my needs for a box are: http/ftp/ssh, plus being able to use p2p (amule & bittorrent).
Here is oko's sample pf.conf:
Code:
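# Macros: external interface and the outbound services to allow
ext_if = "rl0"
tcp_services = "{ssh, imaps, smtp, 587, domain, ntp, www, https}"
udp_services = "{domain, ntp}"
# Options: no filtering on loopback, collect statistics on $ext_if
set skip on lo
set loginterface $ext_if
# Normalize inbound packets: randomize IP IDs, reassemble fragments
scrub in all random-id fragment reassemble
# Default deny: reject and log inbound, silently drop outbound
block return in log all
block out all
# Drop packets with spoofed source addresses on $ext_if
antispoof quick for $ext_if
# Allow outbound traffic only to the listed services
pass out quick on $ext_if proto tcp to any port $tcp_services
pass out quick on $ext_if proto udp to any port $udp_services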