Created
September 14, 2023 07:46
-
-
Save fbion/96b25e8827cad237c8852bdf9f08ca37 to your computer and use it in GitHub Desktop.
mullvad vpn pfctl
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| r scrub-anchor "com.apple/*" all fragment reassemble | |
| r anchor "com.apple/*" all | |
| r anchor "mullvad" all | |
| n nat-anchor "com.apple/*" all | |
| n rdr-anchor "com.apple/*" all | |
| n rdr-anchor "mullvad" all | |
| A com.apple | |
| A mullvad | |
| com.apple r anchor "200.AirDrop/*" all | |
| com.apple r anchor "250.ApplicationFirewall/*" all | |
| com.apple A com.apple/200.AirDrop | |
| com.apple A com.apple/250.ApplicationFirewall | |
| mullvad r pass quick on lo0 all flags any keep state | |
| mullvad r pass out quick inet proto udp from any port = 68 to 255.255.255.255 port = 67 no state | |
| mullvad r pass in quick inet proto udp from any port = 67 to any port = 68 no state | |
| mullvad r pass out quick inet6 proto udp from fe80::/10 port = 546 to ff02::1:2 port = 547 no state | |
| mullvad r pass out quick inet6 proto udp from fe80::/10 port = 546 to ff05::1:3 port = 547 no state | |
| mullvad r pass in quick inet6 proto udp from fe80::/10 port = 547 to fe80::/10 port = 546 no state | |
| mullvad r pass out quick inet6 proto ipv6-icmp from any to ff02::2 icmp6-type routersol no state | |
| mullvad r pass in quick inet6 proto ipv6-icmp from fe80::/10 to any icmp6-type routeradv no state | |
| mullvad r pass in quick inet6 proto ipv6-icmp from fe80::/10 to any icmp6-type redir no state | |
| mullvad r pass out quick inet6 proto ipv6-icmp from any to ff02::1:ff00:0/104 icmp6-type neighbrsol no state | |
| mullvad r pass out quick inet6 proto ipv6-icmp from any to fe80::/10 icmp6-type neighbrsol no state | |
| mullvad r pass in quick inet6 proto ipv6-icmp from fe80::/10 to any icmp6-type neighbrsol no state | |
| mullvad r pass out quick inet6 proto ipv6-icmp from any to fe80::/10 icmp6-type neighbradv no state | |
| mullvad r pass in quick inet6 proto ipv6-icmp all icmp6-type neighbradv no state | |
| mullvad r pass out quick on utun3 inet proto tcp from any to 100.64.0.31 port = 53 flags S/SA keep state | |
| mullvad r pass out quick on utun3 inet proto udp from any to 100.64.0.31 port = 53 no state | |
| mullvad r pass out quick inet proto tcp from any to 186.243.5.35 port = 443 user = 0 flags S/SA keep state | |
| mullvad r block return out quick proto tcp from any to any port = 53 | |
| mullvad r block return out quick proto udp from any to any port = 53 | |
| mullvad r pass quick on utun3 all flags S/SA keep state | |
| mullvad r pass out quick inet from any to 10.0.0.0/8 no state | |
| mullvad r pass in quick inet from 10.0.0.0/8 to any no state | |
| mullvad r pass out quick inet from any to 172.16.0.0/12 no state | |
| mullvad r pass in quick inet from 172.16.0.0/12 to any no state | |
| mullvad r pass out quick inet from any to 192.168.0.0/16 no state | |
| mullvad r pass in quick inet from 192.168.0.0/16 to any no state | |
| mullvad r pass out quick inet from any to 169.254.0.0/16 no state | |
| mullvad r pass in quick inet from 169.254.0.0/16 to any no state | |
| mullvad r pass out quick inet6 from any to fe80::/10 no state | |
| mullvad r pass in quick inet6 from fe80::/10 to any no state | |
| mullvad r pass out quick inet6 from any to fc00::/7 no state | |
| mullvad r pass in quick inet6 from fc00::/7 to any no state | |
| mullvad r pass out quick inet from any to 255.255.255.255 no state | |
| mullvad r pass out quick inet from any to 224.0.0.0/24 no state | |
| mullvad r pass out quick inet from any to 239.0.0.0/8 no state | |
| mullvad r pass out quick inet6 from any to ff01::/16 no state | |
| mullvad r pass out quick inet6 from any to ff02::/16 no state | |
| mullvad r pass out quick inet6 from any to ff03::/16 no state | |
| mullvad r pass out quick inet6 from any to ff04::/16 no state | |
| mullvad r pass out quick inet6 from any to ff05::/16 no state | |
| mullvad r pass out quick inet proto udp from any port = 67 to any port = 68 no state | |
| mullvad r pass in quick inet proto udp from any port = 68 to 255.255.255.255 port = 67 no state | |
| mullvad r block return out quick all | |
| mullvad r block drop quick all |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment