Diffstat (limited to 'etc/pf.conf')
| -rw-r--r-- | etc/pf.conf | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/etc/pf.conf b/etc/pf.conf
new file mode 100644
index 0000000..758a914
--- /dev/null
+++ b/etc/pf.conf
@@ -0,0 +1,17 @@
+# $OpenBSD: pf.conf,v 1.55 2017/12/03 20:40:04 sthen Exp $
+#
+# See pf.conf(5) and /etc/examples/pf.conf
+set skip on lo
+table <bruteforce> persist
+table <whitelist> persist file "/etc/pf.whitelist"
+block return # block stateless traffic
+pass # establish keep-state
+block return in on ! lo0 proto tcp to port 6000:6010
+block return out log proto {tcp udp} user _pbuild
+block drop in quick from <bruteforce>
+pass in quick on egress from <whitelist> keep state
+pass in on egress proto tcp to port { 80 443 } \
+ keep state (max-src-conn 100, max-src-conn-rate 50/10, \
+ overload <bruteforce> flush global)
+
+pass in on egress proto tcp to port { 6667 6697 } |
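Review bot: The bare `pass` rule makes this ruleset default-allow in both directions, so the later `pass in on egress proto tcp to port { 80 443 }` and `{ 6667 6697 }` rules restrict nothing. Inbound connections to every other port on egress are still passed; only 6000:6010 and `<bruteforce>` sources are blocked. If the intent is to expose only the listed services, change it to `pass out` so that `block return` stays the inbound default, and add an explicit pass rule for any management access such as SSH before loading the ruleset. Separately, no expiry for `<bruteforce>` is visible here, so overloaded addresses stay blocked until removed by hand; a periodic `pfctl -t bruteforce -T expire 86400` (the interval is a sample value) would age them out.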