Hi,
On Thursday, 05 Jan 2012 at 09:00 CET
Robert Wolf <[email protected]> wrote:
> ----
> table <OutNetworks> const { .... }
> pass quick proto tcp from <OurNetworks> to any port 22 no state
> pass in quick proto tcp from any to any port 2222 rdr-to 127.0.0.1 port 22
> block quick proto tcp from any to any port 22
> ----
>
> But of course, the last rule blocks all SSH traffic going from unknown
> networks to all hosts.
>
>
> Could someone please help me to create PF rules to block only traffic going to
> the local machine from other networks as OutNetworks, similarly to the iptables rule
> above?
Just replace "to any" with "to self". Should do what you want.
> I have read the PF manual but have not found any possibility to tell pf "to
> LOCAL-HOST". I have searched with Google but found no relevant articles; maybe I
> have not asked correctly.
Well, it's not very easy to find, but the "self" word is explained in
the manual.
--
Greetings
Rafal Bisingier