Date: Thu, 16 May 2019 18:47:06 -0600
From: The Doctor
To: freebsd-pf@freebsd.org
Subject: Wishing to build a 'router' pf box
Message-ID: <20190517004706.GA6318@doctor.nl2k.ab.ca>

Running into tons of problems with OpenBSD and their ports, so I am
looking to build a FreeBSD equivalent.

The box would look like:

---------------------------------
|                               |
| eth3 |                        |
| eth2 |                        |
| eth1 |                        |
| eth0 |                        |
---------------------------------

Yes, I would like the packet filtering to attempt to drop malicious packets
and pass and forward good ones through.

The interface of eth0 would be 192.168.81.14 and eth1 would go back to
192.168.82.2, the router.

I would like to use sshguard with PF, suricata, squid and 2 to 3 virtual
bhyve machines, with the virtual machines having 2 virtual etherports each.

What are the installation steps?

UFS/ZFS I will decide on the controller.

-- 
Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
Yahweh, Queen & country! Never Satan President Republic! Beware AntiChrist rising!
https://www.empire.kred/ROOTNK?t=94a1f39b
Look at Psalms 14 and 53 on Atheism
Newfoundland on 16 May 2019, do not vote PC nor NDP!