Rui Paulo wrote:
> 2013/04/13 16:01�$B!"�(BScott Long<scott4long_at_yahoo.com> �$B$N%a%C%;!<%8�(B:
>
>> Maybe something else, but whatever it is, it should be done. If you and Gleb don't want to do this, I will.
>
> I already started writing a guide. See here for a very incomplete version:
>
> http://people.freebsd.org/~rpaulo/ipf-deprecation/article.html
1.1 ipftest
PF rules can be checked with pfctl -n:
-n Do not actually load rules, just parse them
For example:
pfctl -nvf /etc/pf.conf.tmp
3 Examples
3.1 Filtering
ipf.conf and pf.conf has the same syntax for basic filtering rules, so
you can use it on the right side to:
block in on le0 proto tcp from 10.1.1.1/32 to any
pass in proto tcp from 10.1.0.0/16 port = 23 to 10.2.0.0/16 flags A/A
Miroslav Lachman
Received on Sun Apr 14 2013 - 07:54:48 UTC