PF, The OpenBSD Packet Filter: Building The Network You Need: BSDCan, Ottawa, June 10th 2015 | ||
---|---|---|
Prev | Next |
interface:network - the network connected to interface
Your local net could be
localnet = $int_if:network
or network as 192.168.100.0/24, or 2001:16d8:dead:beef::/64 or a list of networks -
sample filtering rule:
pass inet proto tcp from $localnet to any port $ports keep state
Make it as simple as possible, but no simpler