Grab bag of IPF firewall commands for FreeBSD and Solaris 10


Nothing new here, just a round-up of the commands/configs I happen to need from time to time. Google probably has better references for that. I talk about the Pf firewall used on FreeBSD, OpenBSD and Solaris systems.

Enable and disable firewall:

pfctl -e

Enable the packet filter immediately (at runtime)

pfctl -ef /etc/pf.conf

Enable the packet filter and load the rules from /etc/pf.conf

pfctl -d

Disable the packet filter

Enable/disable permanently, so that it survives a reboot:

OpenBSD:

/etc/rc.conf.local:
   pf=YES
   pf_rules=/etc/pf.conf

FreeBSD:

/etc/default/rc.conf:
   pf_enable="YES"
   pf_rules="/etc/pf.conf"
   pf_program="/sbin/pfctl"
   pflog_enable="YES"
   pflog_logfile="/var/log/pflog"

Working with rules.

pfctl -F all

Flush (remove) all the active rules from the running packet filter; with no rules loaded, everything is permitted (PERMIT ANY ANY).

pfctl -n -f /etc/pf.conf

Only parse the rules from the file without loading them, to check the syntax

pfctl -f /etc/pf.conf

Load the rules from the file

Order of rules in the file: options, normalization, queueing, translation, and filtering rules.

Show commands.

pfctl -s info

Show filter information

pfctl -s rules

Show the currently loaded filter rules

pfctl -s state

Show the contents of the state table.

pfctl -s all

Show all of the above

Simplest set of rules: block all incoming traffic except ssh, allow all outgoing traffic from the server:

block in all
pass out all keep state
pass in proto tcp from any to any port 22
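A complete /etc/pf.conf laid out in the section order given above (options, normalization, queueing, translation, filtering) and extending the minimal ruleset with logging, state tracking and a source restriction on ssh. This is an added example, not a config from the original post; the interface name em0 and the admin network 192.0.2.0/24 are assumed values.

```conf
# /etc/pf.conf - added example; em0 and 192.0.2.0/24 are assumed values

# macros (must be defined before they are used)
ext_if = "em0"
admin_net = "192.0.2.0/24"

# options
set skip on lo0            # never filter loopback traffic
set block-policy drop      # drop silently instead of sending RST / ICMP unreachable
set loginterface $ext_if   # keep byte and packet counters for "pfctl -s info"

# normalization
scrub in all               # reassemble fragments and normalize TCP before filtering

# queueing - none on this host

# translation - none (plain server host, no NAT)

# filtering: default deny inbound (logged to pflog), allow the server out,
# and allow ssh in only from the admin network, with state for both directions
block in log all
pass out all keep state
pass in on $ext_if proto tcp from $admin_net to any port 22 keep state
```

Check it with "pfctl -n -f /etc/pf.conf" before loading it with "pfctl -f /etc/pf.conf"; a syntax error found only at load time on a remote box is how you lock yourself out.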