Created
October 14, 2016 09:17
-
-
Save xen0l/5152abc1f764942e0b2e09e8c2eda8b1 to your computer and use it in GitHub Desktop.
Sample ipf.conf
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This file is managed by Ansible. Any manual changes will be overwritten! | |
| # | |
| # ipf.conf | |
| # | |
| # IP Filter rules to be loaded during startup | |
| # | |
| # See ipf(4) manpage for more information on | |
| # IP Filter rules syntax. | |
| # Do not filter loopback | |
| pass in quick on lo0 keep state | |
| pass out quick on lo0 keep state | |
| # Do not filter LAN interface | |
| pass in quick on vioif1 keep state | |
| pass out quick on vioif1 keep state | |
| # Default deny on WAN inteface | |
| block in on vioif0 | |
| # Allow SSH on WAN interface | |
| pass in quick on vioif0 proto tcp from any to 1.2.3.4 port=22 keep state | |
| # Allow ICMP on WAN interface | |
| pass in quick on vioif0 proto icmp from any to 1.2.3.4 keep state | |
| pass out quick on vioif0 keep state |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment