PF, The OpenBSD Packet Filter: Building The Network You Need: BSDCan, Ottawa, June 10th 2015 | ||
---|---|---|
Prev | Next |
/etc/pf.conf
ext_if = "re0" # macro for external interface - use tun0 for PPPoE int_if = "re1" # macro for internal interface # ext_if IP address is (may be) dynamic match out on $ext_if inet nat-to ($ext_if) block all pass inet proto tcp from { self, $int_if:network }