On 22 January 2015 at 07:59,  <[email protected]> wrote:
> Hello,
>
> I recently lost access to a co-located server, because I used a non-standard
> port for ssh access.
>
> The default pf-ruleset (in /etc/rc) had kicked in.
>
> Would it be more correct to have the ruleset in /etc/rc use /etc/services
> instead of hardcoding port 22 into the rule?
>
> Something like this:
>
> 326,327c326,327
> <       RULES="$RULES\npass in proto tcp from any to any port 22 keep state"
> <       RULES="$RULES\npass out proto { tcp, udp } from any to any port 53
> keep state"
> ---
>>
>>       RULES="$RULES\npass in proto tcp from any to any port ssh keep
>> state"
>>       RULES="$RULES\npass out proto { tcp, udp } from any to any port
>> domain keep state"
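
Review bot: On the two replacement lines, `port ssh` and `port domain` are service names looked up in /etc/services, so the fallback ruleset still opens whatever number is listed there rather than the port sshd actually listens on. The change description should state that /etc/services has to be edited to match a non-standard sshd port, otherwise the lockout described above is unchanged. The hunk as posted is also line-wrapped by the mail client (`keep state` and `domain keep state` have spilled onto their own lines), so it should be resent unwrapped or as an attachment before it can be applied.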
>
>
>
> --
> Kind regards
> Brian Vangsgaard
>

The default value for 'ssh' in /etc/services would be 22. So you're
going to have to remember to change either /etc/pf.conf or
/etc/services to avoid the problem. You don't describe enough of your
situation to make clear why editing /etc/services would make more
sense than editing /etc/pf.conf.

.... Ken
