Annotation of src/etc/pf.conf, Revision 1.35
1.35 ! reyk 1: # $OpenBSD: pf.conf,v 1.34 2007/02/24 19:30:59 millert Exp $
1.1 kjell 2: #
1.12 henning 3: # See pf.conf(5) and /usr/share/pf for syntax and examples.
1.28 frantzen 4: # Remember to set net.inet.ip.forwarding=1 and/or net.inet6.ip6.forwarding=1
5: # in /etc/sysctl.conf if packets are to be forwarded between interfaces.
1.4 henning 6:
1.27 cedric 7: #ext_if="ext0"
8: #int_if="int0"
1.19 ian 9:
1.27 cedric 10: #table <spamd-white> persist
1.12 henning 11:
1.30 henning 12: #set skip on lo
1.29 henning 13:
1.27 cedric 14: #scrub in
15:
1.31 camield 16: #nat-anchor "ftp-proxy/*"
17: #rdr-anchor "ftp-proxy/*"
1.35 ! reyk 18: #rdr-anchor "relayd/*"
1.27 cedric 19: #nat on $ext_if from !($ext_if) -> ($ext_if:0)
20: #rdr pass on $int_if proto tcp to port ftp -> 127.0.0.1 port 8021
1.34 millert 21: #no rdr on $ext_if proto tcp from <spamd-white> to any port smtp
22: #rdr pass on $ext_if proto tcp from any to any port smtp \
1.27 cedric 23: # -> 127.0.0.1 port spamd
24:
1.31 camield 25: #anchor "ftp-proxy/*"
1.27 cedric 26: #block in
1.32 mcbride 27: #pass out
1.27 cedric 28:
1.32 mcbride 29: #pass quick on $int_if no state
1.27 cedric 30: #antispoof quick for { lo $int_if }
31:
1.35 ! reyk 32: #pass in on $ext_if proto icmp to ($ext_if)
1.33 david 33: #pass in on $ext_if proto tcp to ($ext_if) port ssh
34: #pass in log on $ext_if proto tcp to ($ext_if) port smtp
1.32 mcbride 35: #pass out log on $ext_if proto tcp from ($ext_if) to port smtp
![[BACK]](/icons/back.gif){kind=icon}
Return to pf.conf CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / etc