PF and types of NAT (Network Address Translation)
As you know, at least 3 types of NAT are used. Of course I need two types of them: DNAT and SNAT. DNAT: hiding server behind NAT, SNAT: hiding your client behind NAT. Question: I read a quick...
FreeBSD pf firewall, new connections severely delayed when nating
I have a newly setup fbsd 9.1 with pf, which itself doesn’t experience any slowness when for example downloading a debian iso from my local debian repo (ftp.se.debian.org). Any machine behind it, which...
How can I use Authpf on OpenBSD to execute commands?
I know I can create pf rules when a user's shell is set to authpf and Authpf is configured and the user is logged in. But: Q: how can I execute commands when a user logs in? (with ex.: Authpf, since no...
Routing a LAN through OpenVPN on OpenBSD 5.5
I’m configuring an OpenVPN gateway to allow a LAN access to the internet through the tunnel. The gateway is running OpenBSD 5.5-stable amd64 on the PC Engines APU platform. The LAN contains re1, re2,...
iptables/pf rule to only allow XY application/user?
I think there is no iptables/pf solution to only allow an XY application on e.g.: outbound tcp port 80, eth0. So if I have a userid: “500” then how could I block any other communications than the...
How do I add more IP addresses to my pf rules?
I wish to have all internet traffic to go through my VPN; when my VPN is disconnected, all internet traffic can not go out of my workstation/desktop (not server). I wish to switch VPN servers of one...
OpenBSD's pf: disable network access for a given user, except for ssh.
If we are using the default firewall for OpenBSD, how can we modify it to disable all the network access for a normal user except for one thing: we want to ssh to the user from random hosts! So example...
pf.conf syntax error
I copied this pf.conf from a website rdr-anchor "forwarding" load anchor "forwarding" from "/Users/jeff/Documents/pf.rules" and this pf.rules rdr-anchor "forwarding" load anchor "forwarding" from...
on FreeBSD, how do I open a port on WAN but not on LAN?
I have one FreeBSD machine that I use as a playbox/server/torrentbox. It’s part of my LAN. Here is the semantics (altered from an example on the OpenBSD website): [ desktop ] [ laptop ] | |...