Date:      Sun, 19 Nov 2006 12:12:28 +0300
From:      =?koi8-r?B?4czFy9PBzsTSIPvF197FzsvP?= <alexander.shevchenko@itv.ru>
To:        "'Gregory Edigarov'" <greg@bestnet.kharkov.ua>, <freebsd-net@freebsd.org>
Subject:   RE: How to test a firewall with NAT?
Message-ID:  <20061119091221.59A2143D46@mx1.FreeBSD.org>
In-Reply-To: <455D8DF2.2020105@bestnet.kharkov.ua>


You can use the "-n" flag to parse the rules before loading them:
pfctl -nvvv -f /etc/pf.conf
Look at this port /usr/ports/sysutils/pftop
pftop displays the active packetfilter states, rules, and queues

-----Original Message-----
From: owner-freebsd-net@freebsd.org [mailto:owner-freebsd-net@freebsd.org]
On Behalf Of Gregory Edigarov
Sent: Friday, November 17, 2006 1:25 PM
To: freebsd-net@freebsd.org
Subject: How to test a firewall with NAT?

Hello Everybody,

I am trying to move one of my servers/routers from linux/iptables to
freebsd/pf, and need a methodology for testing the pf firewall ruleset
before it goes into production. I cannot experiment on the live network,
because it's a busy server.

I only have one other machine available.
What can I do and what tool can you recommend?

Thank you.
--
With best regards,
    Gregory Edigarov



