Old 13th June 2010
J65nko

Since the popularity of pf, the OpenBSD packet filter, which runs on all BSDs, hardly anyone uses ipf anymore and thus hardly anyone remembers how that worked.

With pf, your ruleset would be something like:
Code:
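# --- macros: external and internal interfaces
EXT_IF = ex0
INT_IF = vr0

# --- NAT: rewrite traffic from the internal network to the address of $EXT_IF
nat on $EXT_IF from $INT_IF:network to any -> $EXT_IF

# --- default policy
block log all

# --- allow everything leaving on $EXT_IF and everything arriving on $INT_IF
pass out quick on $EXT_IF
pass in  quick on $INT_IF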
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump