Nothing new here, just a round-up of the commands/configs I happen to need from time to time. Google probably has better references for that. I talk about the pf packet filter used in FreeBSD, OpenBSD and Solaris systems.
Enable and disable the firewall:
#pfctl -e    Enable the packet filter immediately (without loading any rules)
#pfctl -ef /etc/pf.conf    Enable the packet filter and load the rules from /etc/pf.conf
#pfctl -d    Disable the packet filter
Enable/disable permanently, so that the setting survives a reboot:
OpenBSD :
/etc/rc.conf.local:
pf=YES
pf_rules=/etc/pf.conf
FreeBSD:
/etc/rc.conf (not /etc/defaults/rc.conf, which holds the system defaults and is replaced on upgrade):
pf_enable="YES"
pf_rules="/etc/pf.conf"
pf_program="/sbin/pfctl"
pflog_enable="YES"
pflog_logfile="/var/log/pflog"
Working with rules:
#pfctl -F all    Flush (remove) all active rules from the running packet filter; with no rules loaded pf passes everything, i.e. PERMIT ANY ANY.
#pfctl -n -f /etc/pf.conf    Only parse the rules from the file without loading them, to check the syntax
#pfctl -f /etc/pf.conf    Load the rules from the file (if the file fails to parse, the currently loaded rules stay in place)
Order of the rule sections in the file:
options, normalization, queueing, translation, and filtering rules.
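As an added illustration of that ordering (not from the original post), here is a small but complete pf.conf with one rule from each section in its proper slot. The interface names em0/em1, the inside network and the "ssh only from outside" policy are assumptions; the nat line uses the FreeBSD syntax (OpenBSD 4.7 and later moved NAT into match rules with nat-to), and the queueing slot is left empty because it is optional.

```pf
# Added example pf.conf, laid out in the order pf expects.
# Interface and network names below are assumptions.
ext_if  = "em0"
int_if  = "em1"
int_net = "192.168.1.0/24"

# 1. options
set skip on lo0            # never filter loopback
set block-policy drop      # silently drop instead of sending RST/ICMP
set loginterface $ext_if   # keep counters for "pfctl -s info"

# 2. normalization
scrub in all               # reassemble fragments, sanitize odd packets

# 3. queueing: none here (altq/queue rules would go in this slot)

# 4. translation (FreeBSD syntax)
nat on $ext_if from $int_net to any -> ($ext_if)

# 5. filtering: default deny inbound (logged to pflog), then the exceptions
block in log all
pass out all keep state
pass in on $ext_if proto tcp from any to ($ext_if) port 22 flags S/SA keep state
pass in on $int_if from $int_net to any keep state
```

The explicit keep state and flags S/SA are harmless on pf versions where stateful pass rules are the default, and required on older ones; "block in log all" sends the dropped packets to the pflog interface so they show up in /var/log/pflog.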
Show commands:
#pfctl -s info    Show filter information
#pfctl -s rules Show the currently loaded filter rules
#pfctl -s state Show the contents of the state table.
#pfctl -s all Show all of the above
Simplest set of rules: block all incoming traffic except ssh, allow all outgoing traffic from the server.
block in all
pass out all keep state
pass in proto tcp from any to any port 22
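When a ruleset like this one is loaded over ssh, a typo in the pass rule leaves you locked out. The shell functions below are an added example (not from the original post) that combine the commands above into a safer reload: parse with pfctl -n -f first, load only if that succeeds, and start a watchdog that reloads a known-good ruleset after a delay unless the new one is confirmed. PFCTL is assumed to be the pfctl binary and can be pointed at a stub for offline testing.

```shell
#!/bin/sh
# Added example, not part of the original post: a checked, lockout-safe
# pfctl reload. PFCTL is assumed to be the pfctl binary; override it to
# exercise the functions without a real pf.
PFCTL="${PFCTL:-/sbin/pfctl}"
PF_WATCHDOG=""

# pf_check FILE: parse only, load nothing. Returns pfctl's exit status.
pf_check() {
    "$PFCTL" -n -f "$1" >/dev/null 2>&1
}

# pf_load FILE: refuse to touch the running rules when FILE does not parse.
# Returns 2 on a syntax error, otherwise pfctl's status from the load.
pf_load() {
    pf_check "$1" || return 2
    "$PFCTL" -f "$1" >/dev/null 2>&1
}

# pf_load_guarded NEW OLD [SECONDS]: load NEW, then start a background
# watchdog that reloads OLD after SECONDS (default 60) unless pf_confirm
# is called first. OLD should be a ruleset known to let your ssh session in.
pf_load_guarded() {
    new="$1"; old="$2"; secs="${3:-60}"
    pf_load "$new" || return $?
    ( sleep "$secs" && "$PFCTL" -f "$old" ) >/dev/null 2>&1 &
    PF_WATCHDOG=$!
}

# pf_confirm: the new rules work (a fresh ssh login succeeded), so cancel
# the pending rollback. Fails if no watchdog is running.
pf_confirm() {
    [ -n "$PF_WATCHDOG" ] || return 1
    kill "$PF_WATCHDOG" 2>/dev/null
    PF_WATCHDOG=""
}
```

Typical use in a root shell: pf_load_guarded /etc/pf.conf.new /etc/pf.conf.known-good 60, then open a second ssh connection to the host; if it gets through, run pf_confirm, otherwise just wait for the watchdog to put the old rules back.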
This is just a beginning, to be continued later…