Building the Network You Need with OpenBSD's PF: EuroBSDCon, St. Julian's, September 26th 2013 | ||
---|---|---|
Prev | Next |
Default deny (aka block all)
Allow access from anywhere to DMZ hosts for certain services
Allow access from local net to DMZ, local net to anywhere port $client_out
Allow access from DMZ to anywhere for some services.
Your task: Test that this works, valid traffic passes.
Test stuff that shouldn't work too, make sure it breaks.