Greetings,

I know very little about creating an initial pf.conf. I know /very/ /much/ that I want/need PF, and will need a fair amount of time to "tune" pf to work optimally for each server. BUT, in an effort to get started, I'm hoping that some kind soul will provide me with a very basic pf.conf that will not interrupt the current application/server block policies I already have in place, which is to say, I currently block at the application/server, but hope to merge (transfer) them to PF.

So, can anyone share a pf.conf that will allow all, but block ALL_EVIL_IP requests on ALL ports? In other words, if I only wanted to block (drop) ALL traffic coming from a /single/ IP address, how would I do it?

I have one (active) NIC in each of my servers, and there are anywhere from 3 to 12 IPs aliased to them above and beyond the IP assigned to the host itself. All addresses are fully qualified, internet routable addresses (no internal/private IPs).

Thank you for all your time and consideration.

--Chris
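
A minimal pf.conf for the setup described above (one NIC with several aliased public addresses, allow everything, drop one source address on all ports), as an added example that is not part of the original post. The interface name em0, the table name blocked and the address 203.0.113.45 are assumptions/placeholders to replace with real values.

```conf
# /etc/pf.conf (added example, not from the original post)

# Assumption: em0 is the single active NIC; substitute the real interface name.
ext_if = "em0"

# Table of source addresses to drop. 203.0.113.45 is a constructed
# placeholder from the documentation range; put the real address(es) here.
# "persist" keeps the table in memory even when no rule references it,
# so it can be edited at runtime.
table <blocked> persist { 203.0.113.45 }

# Do not filter loopback traffic.
set skip on lo0

# Blocked packets are dropped silently (no TCP RST or ICMP unreachable).
set block-policy drop

# "quick" ends rule evaluation at the first match, so the pass rules below
# are never reached for table members. Matching on the interface rather than
# on a destination address covers the host IP and every alias on the NIC,
# for all protocols and ports.
block in quick on $ext_if from <blocked> to any

# Everything else is allowed, so existing application/server-level
# block policies keep working unchanged.
pass in all
pass out all
```

Check the syntax without loading the ruleset using pfctl -nf /etc/pf.conf, then load it with pfctl -f /etc/pf.conf. Further addresses can be added to the running table with pfctl -t blocked -T add followed by the address, which makes it straightforward to migrate the application-level block lists one entry at a time.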
