DaemonForums  

Need help getting started with PF

Posted by Prevet, 9th October 2017

I just have a desktop computer, but can't get PF to do anything other than block everything.

I tried this from the FAQ and it blocks all traffic:

http://www.openbsd.org/faq/pf/filter.html

doas pfctl -ef /etc/pf.conf.X2

Code:
    block all

    # Pass TCP traffic in to the web server running on the OpenBSD machine.
    pass in on egress proto tcp from any to egress port www

These are the original rules and they work fine when I load them:

doas pfctl -ef /etc/pf.conf

Code:
set skip on lo

block return    # block stateless traffic
pass            # establish keep-state

# By default, do not permit remote connections to X11
block return in on ! lo0 proto tcp to port 6000:6010

This is my ifconfig

Code:
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 32768
        index 3 priority 0 llprio 3
        groups: lo
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
        inet 127.0.0.1 netmask 0xff000000
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        lladdr f0:79:59:dd:c4:a3
        index 1 priority 0 llprio 3
        groups: egress
        media: Ethernet autoselect (10baseT full-duplex,rxpause,txpause)
        status: active
        inet 192.168.11.5 netmask 0xffffff00 broadcast 192.168.11.255
enc0: flags=0<>
        index 2 priority 0 llprio 3
        groups: enc
        status: active
pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33144
        index 4 priority 0 llprio 3
        groups: pflog
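
Added example, not part of the original post or the PF FAQ: the FAQ ruleset shown beside a default-deny ruleset suited to a desktop, which needs a rule passing outbound traffic. The file name /etc/pf.conf.desktop and the choice to log blocked packets are assumptions made for illustration.

```conf
# --- Ruleset from the post (/etc/pf.conf.X2), kept here as comments ---
#
#   block all
#   pass in on egress proto tcp from any to egress port www
#
# PF evaluates rules top to bottom and the last matching rule wins.
# "block all" matches every packet in both directions, and the only
# exception is inbound TCP to port www on this machine. No rule passes
# outbound traffic, so everything the desktop itself sends is dropped.

# --- Constructed desktop ruleset (assumed path: /etc/pf.conf.desktop) ---

# Do not filter loopback, same as the stock /etc/pf.conf.
set skip on lo

# Default deny. "return" sends a TCP RST / ICMP unreachable instead of
# silently dropping; "log" copies blocked packets to pflog0.
block return log

# Allow connections this machine initiates on the egress group (em0 in
# the ifconfig output above). Pass rules keep state by default, so the
# replies to these connections are let back in without a "pass in" rule.
pass out on egress

# No "pass in" rules: nothing on the network can open a connection to
# this machine, which also covers the X11 ports 6000:6010 that the stock
# ruleset blocks explicitly.

# --- Checking the result ---
# Parse the file without loading it:
#   doas pfctl -nf /etc/pf.conf.desktop
# Load it and enable PF:
#   doas pfctl -ef /etc/pf.conf.desktop
# Show the rules PF actually loaded, and the current state table:
#   doas pfctl -sr
#   doas pfctl -ss
# Watch packets hitting the logged block rule:
#   doas tcpdump -n -e -ttt -i pflog0
```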