Thursday, July 23, 2009

Basic ipfilter rules


## Block Everything inbound
block in log all

## allow outbound and return traffic
pass out quick proto tcp from any to any flags S keep state keep frags
pass out quick proto udp from any to any keep state keep frags

## ICMP
pass in quick proto icmp from any to any
pass out quick proto icmp from any to any

##
## Allow localhost traffic
##
pass in quick on lo0 proto tcp from 127.0.0.1/32 to 127.0.0.1/32

## Allow ssh from management host
pass in quick proto tcp from 1.2.3.4/32 to any port = 22 flags S keep state keep frags
