DaemonForums  

12th March 2009
bsdnewbie999
PF firewall

Currently, I cannot surf the web from my firewall. I don't know why, because I thought I had already passed in the port www. Please help.
Here is a sample of my rules:

Code:
# Macros
int_if="vic0"

#scrub
scrub in all

# Filtering rules
pass in on $int_if proto tcp from any to $int_if port www
pass out on $int_if proto tcp from $int_if to any port www
block in log quick on $int_if proto tcp from any to any port ssh flags S/SA

 
#Antispoof
antispoof log for $int_if inet

#Unicast reverse path forwarding
block in log quick from urpf-failed label uRPF

#Passive operating system fingerprinting
pass in log on $int_if from any os OpenBSD keep state
block in log on $int_if from any os "Windows 2000"
block in log on $int_if from any os "Windows XP"
block in log on $int_if from any os "Windows XP SP1"
block in log on $int_if from any os "Windows XP SP2"
block in log on $int_if from any os "Windows xP SP3"
block in log on $int_if from any os "Windows 98"
block in log on $int_if from any os "Windows NT"
block in log on $int_if from any os "Linux 2.4 ts"
block in log on $int_if from any os unknown

# return
block return

#Block ICMP redirect packets
block in log quick on $int_if inet proto icmp from any to $int_if 
block in log quick on $int_if inet proto icmp from any to $int_if icmp-type redir

#Block SMTP(simple mail transfer protocol)
block in log quick on $int_if inet proto tcp from any to $int_if port smtp

#pass out UDP and ICMP
pass out on $int_if inet proto udp all keep state
pass out on $int_if inet proto icmp from $int_if to any keep state

#Block everything
block return-rst in log quick on $int_if inet proto tcp from any to $int_if 
block return-icmp in log quick on $int_if inet proto udp from any to $int_if
block in quick on $int_if all
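
An added example, not part of the original post: a simplified Python model of pf's rule evaluation (the last matching rule wins, and `quick` stops evaluation) run over a reduced, constructed transcription of the posted rules. It shows which rule decides an outbound TCP connection to port www and what changes when `block return` is placed before the pass rules; the tuple layout and the `decide` function are hypothetical, and state tracking is not modelled.

```python
# Simplified model of pf filter evaluation: every rule is checked in order,
# the LAST matching rule decides, and a matching "quick" rule ends evaluation.
# RULES is a constructed, reduced transcription of the posted ruleset, in order.
# The antispoof, uRPF and OS-fingerprint rules are omitted: they match inbound only.
# Fields: (action, direction, proto, dst_port, quick, rule text); None = any.
RULES = [
    ("pass",  "in",  "tcp",  80,   False, "pass in ... proto tcp ... port www"),
    ("pass",  "out", "tcp",  80,   False, "pass out ... proto tcp ... port www"),
    ("block", "in",  "tcp",  22,   True,  "block in log quick ... port ssh"),
    ("block", None,  None,   None, False, "block return"),
    ("block", "in",  "icmp", None, True,  "block in log quick ... proto icmp"),
    ("block", "in",  "tcp",  25,   True,  "block in log quick ... port smtp"),
    ("pass",  "out", "udp",  None, False, "pass out ... proto udp all keep state"),
    ("pass",  "out", "icmp", None, False, "pass out ... proto icmp ... keep state"),
    ("block", "in",  "tcp",  None, True,  "block return-rst in log quick ... tcp"),
    ("block", "in",  "udp",  None, True,  "block return-icmp in log quick ... udp"),
    ("block", "in",  None,   None, True,  "block in quick on $int_if all"),
]

def decide(rules, direction, proto, dst_port):
    """Return (action, deciding rule text) for one packet."""
    verdict = ("pass", "implicit default (no rule matched)")  # pf passes by default
    for action, r_dir, r_proto, r_port, quick, text in rules:
        if r_dir not in (None, direction):
            continue
        if r_proto not in (None, proto):
            continue
        if r_port not in (None, dst_port):
            continue
        verdict = (action, text)
        if quick:          # quick: first match is final
            break
    return verdict

# Same rules with the catch-all "block return" moved to the top (default deny
# first), so that later, more specific pass rules become the last match.
CATCH_ALL = [r for r in RULES if r[5] == "block return"]
DEFAULT_DENY_FIRST = CATCH_ALL + [r for r in RULES if r[5] != "block return"]

if __name__ == "__main__":
    for name, rules in (("as posted", RULES), ("block first", DEFAULT_DENY_FIRST)):
        for pkt in (("out", "tcp", 80), ("out", "udp", 53), ("out", "tcp", 443)):
            print(name, pkt, "->", decide(rules, *pkt))
```

In the posted order, the outbound port-www connection matches the `pass out` rule and then the later, non-quick `block return`, which is the last match and therefore the verdict; outbound UDP still passes because its `pass out` rule comes after `block return`.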