Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 19th September 2010
nobodyb nobodyb is offline
New User
Join Date: Sep 2010
Posts: 4
Default new to pf

hello experts,

I am new to pf. I would like to port forwarding 80 on my machines. Everything works fine, but port 80 is not open. I have tried my best, but still not luck. Kindly advise on how to imporve my pf.

ext_if = "tl0"
int_if = "re0"
dmz_if = "cl0"
icmp_types = "{unreach}"
tcp_services = "{www}"

match out on $ext_if from any nat-to ($ext_if)
match in on $ext_if proto tcp from any to any port 80 tag WWW rdr-to port 80

block log all
block all

pass out keep state

set skip on lo
set skip on $int_if
set skip on $dmz_if

pass out on $ext_if proto tcp to any port $tcp_services

## below line might not be necessary, but I want to make sure port 80 is open
pass in on $ext_if proto tcp from any to any port 80 rdr-to

pass inet proto icmp all icmp-type $icmp_types keep state

pass in quick on $ext_if tagged WWW
pass out quick on $ext_if inet all keep state
pass out quick on $dmz_if tagged WWW

#By default, do not permit remote connections to X11
block in on ! lo0 proto tcp to port 6000:6010
## another OpenBSD fan
Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

All times are GMT. The time now is 10:54 PM.

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick