| PF, The OpenBSD Packet Filter: Building The Network You Need: BSDCan, Ottawa, June 10th 2015 | ||
|---|---|---|
| Prev | Next | |
exclude an interface (interface group) from any filtering:
set skip on lo
- filtering on loopback is almost never useful, confuses apps
and if you want to do all your filtering on egress:
set skip on { lo, $int_if }Load the sample file
$ sudo pfctl -vnf samples/example008