DaemonForums  

Go Back   DaemonForums > FreeBSD > FreeBSD Security

FreeBSD Security Securing FreeBSD.

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 17th September 2008
lumiwa lumiwa is offline
Package Pilot
 
Join Date: May 2008
Posts: 145
Thanked 4 Times in 3 Posts
Default pf.conf

I have a "problem" with pf firewall and I don't know how to save it...

My system: FreeBSD 7.0, cable Internet, D-Link DI-604 (standalone computer). I run also pf firewall and

pfctl -s rules are:

No ALTQ support in kernel
ALTQ related functions disabled
scrub in all fragment reassemble
block drop in quick on ! sk0 inet from 192.168.0.0/24 to any
block drop in quick inet from 192.168.0.100 to any
block drop in log quick on sk0 all label "inblock"
pass out on sk0 inet proto tcp all flags S/SA modulate state
pass out on sk0 inet proto udp all keep state
pass out on sk0 inet proto icmp all icmp-type echoreq code 0 keep state


pf.conf:

# Macros
ext_if="sk0"
# Optimization
set optimization normal
set block-policy drop
set loginterface $ext_if
set skip on lo0
# NOrmalization
scrub in all
# Filtering
antispoof quick for $ext_if
# Closed from outside
block in log quick on $ext_if all label "inblock"
# Open to out
pass out on $ext_if inet proto tcp all flags S/SA modulate state
pass out on $ext_if inet proto udp all keep state
# ping out
pass out on $ext_if inet proto icmp all icmp-type 8 code 0 keep state

/var/log/pflog has everytime something like:

Date Interface Action Rule Direction Protocol Src. address Src. port Dest. address Dest. port
2008-09-15 19:22:50.503247 sk0 drop 2 in udp 192.168.0.102 138 192.168.0.255 138
2008-09-15 19:22:50.503257 sk0 drop 2 in udp 192.168.0.102 137 192.168.0.255 137
2008-09-15 19:22:51.252843 sk0 drop 2 in udp 192.168.0.102 137 192.168.0.255 137
2008-09-15 19:22:52.2844 sk0 drop 2 in udp 192.168.0.102 137 192.168.0.255 137
2008-09-15 19:24:20.994079 sk0 drop 2 in udp 192.168.0.102 138 192.168.0.255 138
2008-09-15 19:31:07.487049 sk0 drop 2 in udp 192.168.0.102 138 192.168.0.255 138
2008-09-15 19:33:20.124759 sk0 drop 2 in udp 0.0.0.0 68 255.255.255.255 67
2008-09-15 19:33:20.125243 sk0 drop 2 in udp 192.168.0.1 67 255.255.255.255 68
2008-09-15 19:33:20.125638 sk0 drop 2 in udp 0.0.0.0 68 255.255.255.255 67
2008-09-15 19:33:20.126140 sk0 drop 2 in udp 192.168.0.1 67 255.255.255.255 68
2008-09-15 19:33:24.982418 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:33:25.726406 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:33:26.477591 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:33:27.228664 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:33:27.980047 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:33:28.730837 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:33:29.481915 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:33:30.233010 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:33:31.551535 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:33:32.296118 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:33:32.524082 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:33:32.524177 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:33:33.47201 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:33:33.267571 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:33:33.267577 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:33:34.18655 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:33:34.18662 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:33:36.213991 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:33:36.962973 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:33:37.714053 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:33:38.465135 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:33:39.217315 sk0 drop 2 in udp 192.168.0.101 138 192.168.0.255 138
2008-09-15 19:33:39.252561 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:33:39.252566 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:33:39.997453 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:33:39.997460 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:33:40.748539 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:33:40.748546 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:33:54.449456 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:33:55.199743 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:33:55.950922 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:34:39.844677 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:34:40.586470 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:34:41.337554 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:35:42.98290 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:35:42.847972 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:35:43.2136 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:35:43.599052 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:35:43.749225 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:35:44.500413 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:35:49.829380 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:35:50.580947 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:35:51.330445 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:35:56.630255 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
2008-09-15 19:35:57.379338 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137
.....
.....

Thanks in advance.

Last edited by lumiwa; 17th September 2008 at 09:11 PM.
Reply With Quote
 

Tags
pf, pf.conf

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
mk.conf not found mtm0 NetBSD Package System (pkgsrc) 2 4th September 2009 04:42 PM
please check my pf.conf gosha OpenBSD Security 10 30th January 2009 12:32 AM
make.conf lumiwa FreeBSD General 9 8th September 2008 12:15 AM
difference between rc.conf and loader.conf disappearedng FreeBSD General 5 3rd September 2008 05:54 AM


All times are GMT. The time now is 12:39 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick