PF, The OpenBSD Packet Filter: Building The Network You Need: BSDCan, Ottawa, June 10th 2015 | ||
---|---|---|
Prev | Next |
The obvious macros
webserver = "192.0.2.227" webports = "{ http, https }" emailserver = "192.0.2.225" email = "{ smtp, pop3, imap, imap3, imaps, pop3s }" nameservers = "{ 192.0.2.221, 192.0.2.223 }"
and rules that use them
pass proto tcp to $webserver port $webports pass proto tcp to $emailserver port $email pass log proto tcp from $emailserver to port smtp pass inet proto { tcp, udp } to $nameservers port domain