Date: Mon, 23 Nov 2009 07:35:08 -0800 (PST)
From: Sife Mailling <sife.mailling@yahoo.com>
To: freebsd-pf@freebsd.org
Subject: block ip's and ports
Message-ID: <745127.92574.qm@web113110.mail.gq1.yahoo.com>
Salamo Alikom

I set up a firewall for my personal home computer. Now I want every packet blocked if it is not passed to the specified ports. This is my pf.conf:

net_card="sis0"
tcp_ports="{80 ,https ,domain ,auth ,21}"
udp_ports="{domain}"

table <banned> file "/etc/pf/banned"
table <banned2> {www.google.com}

block in log (all) on $net_card proto {tcp ,udp} all
pass in on $net_card proto tcp from any to any port $tcp_ports
pass in on $net_card proto udp from any to any port $udp_ports
pass in on $net_card proto tcp from 192.168.0.0/16 to 192.168.0.0/16
block in on $net_card proto tcp from { <banned>, <banned2> } to any port $tcp_ports

pass out on $net_card proto tcp from any to any port $tcp_ports
pass out on $net_card proto udp from any to any port $udp_ports
pass out on $net_card inet proto tcp from any to any port ftp
pass out on $net_card inet proto tcp from any to any port > 1023

Now Skype works, and for both tables, banned and banned2, I can browse the sites included in them.
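The following is an added example, not part of the original message: a small Python model of pf's rule selection (last matching rule wins unless "quick" is used, and a packet matching no rule is passed) applied to the rules as posted, showing which rule decides each kind of connection. The addresses 203.0.113.7, 198.51.100.9 and 192.168.1.10 are constructed; the model assumes a single interface and looks only at the first packet of a connection.

```python
import ipaddress

# Simplified model of how pf picks a verdict for the first packet of a
# connection. Modelled pf behaviour: without "quick" the LAST matching rule
# decides, and a packet that matches no rule is passed.
LAN = ipaddress.ip_network("192.168.0.0/16")
BANNED = {"203.0.113.7"}            # constructed stand-in for <banned>/<banned2>
TCP_PORTS = {80, 443, 53, 113, 21}  # 80, https, domain, auth, 21
UDP_PORTS = {53}                    # domain
HOME = "192.168.1.10"               # constructed address of the home machine

def any_(_):
    return True

def in_lan(ip):
    return ipaddress.ip_address(ip) in LAN

# (action, direction, protocols, src test, dst test, dst-port test), file order
RULES = [
    ("block", "in", {"tcp", "udp"}, any_, any_, any_),
    ("pass", "in", {"tcp"}, any_, any_, TCP_PORTS.__contains__),
    ("pass", "in", {"udp"}, any_, any_, UDP_PORTS.__contains__),
    ("pass", "in", {"tcp"}, in_lan, in_lan, any_),
    ("block", "in", {"tcp"}, BANNED.__contains__, any_, TCP_PORTS.__contains__),
    ("pass", "out", {"tcp"}, any_, any_, TCP_PORTS.__contains__),
    ("pass", "out", {"udp"}, any_, any_, UDP_PORTS.__contains__),
    ("pass", "out", {"tcp"}, any_, any_, lambda port: port == 21),
    ("pass", "out", {"tcp"}, any_, any_, lambda port: port > 1023),
]

def evaluate(direction, proto, src, dst, dport):
    """Return (action, index of the deciding rule, or None for the implicit pass)."""
    verdict = ("pass", None)
    for i, (action, rdir, protos, src_ok, dst_ok, port_ok) in enumerate(RULES):
        if (rdir == direction and proto in protos
                and src_ok(src) and dst_ok(dst) and port_ok(dport)):
            verdict = (action, i)  # no "quick": keep scanning, last match wins
    return verdict

if __name__ == "__main__":
    for pkt in [("out", "tcp", HOME, "203.0.113.7", 80),
                ("in", "tcp", "203.0.113.7", HOME, 80),
                ("out", "tcp", HOME, "198.51.100.9", 25),
                ("out", "udp", HOME, "198.51.100.9", 40000)]:
        print(pkt, "->", evaluate(*pkt))
```

In this model the only rule that mentions the tables is a "block in" rule, so it decides connections arriving from those hosts, while a browser connection to them is outbound and is decided by the "pass out" rules; outbound packets that match no rule at all fall through to the implicit pass because the ruleset has no "block out".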