Nothing new here, just a round-up of the commands/configs I happen to need from time to time. Google probably has better references for that. I talk about the pf firewall used in FreeBSD, OpenBSD and Solaris systems.
Enable and disable the firewall:

pfctl -e
Enable packet filter in real time

pfctl -ef /etc/pf.conf
Enable packet filter and load rules from /etc/pf.conf

pfctl -d
Disable packet filter

Enable/disable permanently, so that the setting survives a reboot:

/etc/rc.conf.local (OpenBSD):
pf=YES
pf_rules=/etc/pf.conf

/etc/default/rc.conf (FreeBSD):
pf_enable="YES"
pf_rules="/etc/pf.conf"
pf_program="/sbin/pfctl"
pflog_enable="YES"
pflog_logfile="/var/log/pflog"
Working with rules:

pfctl -F all
Flush (remove) all the active rules from the running packet filter, which means PERMIT ANY ANY.

pfctl -n -f /etc/pf.conf
Just parse the rules from the file without actually loading them, to check the syntax.
pfctl -f /etc/pf.conf
Load rules from file
Order of rules in the file: options, normalization, queueing, translation, and filtering rules (pfctl rejects a file whose sections are out of order).
pfctl -s info
Show filter information
pfctl -s rules
Show the currently loaded filter rules
pfctl -s state
Show the contents of the state table.
pfctl -s all
Show all of the above
Simplest set of rules - block all the incoming but ssh, allow all the outgoing from the server:

block in all
pass out all keep state
pass in proto tcp from any to any port 22
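An added example (not from the original post) that puts the same policy into a complete pf.conf laid out in the section order given above, in classic FreeBSD-style syntax; the interface name em0 is an assumption, and the block rule also logs so that the pflog_enable setting above has something to write.

```pf
# Added example, not the original post's file.
# Section order matters: macros/options, normalization, translation, filtering.

# Macros - em0 is assumed; replace with the real external interface
ext_if = "em0"

# Options
set skip on lo0                 # never filter loopback traffic
set block-policy drop           # drop silently instead of returning RST/ICMP

# Normalization: reassemble fragments and drop packets with bogus flags
scrub in all

# Translation (nat / rdr) would go here; a single server needs none

# Filtering: default deny inbound (logged to pflog), stateful outbound,
# and only SSH allowed in on the external interface
block in log all
pass out all keep state
pass in on $ext_if proto tcp from any to any port 22 keep state
```

Check it with pfctl -n -f /etc/pf.conf before loading it with pfctl -f /etc/pf.conf, and read the logged drops with tcpdump -n -e -ttt -r /var/log/pflog.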