Contributed by Dengue on from the pf dept.
Is anyone else working on this? High load testing? Enterprise/ Production rulesets? I figure now's the best time. -Daniel posted this info on his site regarding bridge mode packet filtering: http://marc.theaimsgroup.com/?l=openbsd-tech&m=100220976320265&w=2
Would be great to get a good set of example files drawn from our collective knowledge so far.
-karlski"
Sounds like a candidate for the FAQ to me...
(Comments are closed)
By s k () on
By Anonymous Coward () on
Why not using keep state with "out" rules ?
Keeping daniel's example :
block in on rl0 all
pass out on rl0 all keep state
block in on rl1 all
pass out on rl1 all keep state
[rules to allow traffic INto interfaces]
I don't see what is wrong with this ?
By g () on