Other Definitions
pf (enc)

Pf

pf is OpenBSD's stateful packet filter, written by Daniel Hartmeier. It replaced Darren Reed's IPFilter in OpenBSD, due to problems with its license. pf has evolved quickly, and has now several advantages over others. The filtering syntax is similar to ipf, though it has been modified to make it more clean. Network Address Translation (NAT) and Quality of Service (QoS) have been tightly integrated into pf, to allow greater flexibility. QoS is achieved by merging ALTQ into pf itself. pf has also been ported to NetBSD-current by itojun and is installed by default in FreeBSD starting at version 5.3.

Commands and options

  • pfctl -e -> enables pf
  • pfctl -d -> disables pf
  • pfctl -f -> if no syntax errors are found on target file, new rules will be loaded into pf

Example PF.conf file

#Macros
ext_if="xl1"
int_if="xl0"
int_network="192.168.0.0/24"
ext_network="XXX.XXX.XXX.0"
ext_ip="XXX.XXX.XXX.XXX"
loop_back="lo0"

#NAT

nat on $ext_if from $int_network to any -> $ext_ip

#PF-rules

block in all
pass out all keep state
pass in quick on $int_if from $int_network to any keep state
pass quick on $loop_back all

See also

External links

 

<< PreviousWord BrowserNext >>
list of computer and video games by name
europoort
structural failure
sawmill
whitebark pine
remington rand
1755 lisbon earthquake
buford
spencerville
buford, texas
marble arch
fonio
edwards
spirit level
limit state design
poison the well
jay roach
black tuesday
easley blackwood
easley blackwood (bridge player)
cantor space
easley blackwood (musician)
gustave biler
saint andr de cubzac
history of british socialism
swallows and amazons
list of buildings in bucharest
space filling curve
louise day hicks
bolton
trac programming language
alliance atlantis
bebe daniels
graham
citizen gent
software toy
high barnet tube station
thurso
wick
ullapool
samovar
dornoch
oban
peak cavern