Use anchors (http://www.openbsd.org/faq/pf/anchors.html).

Ex do site:
"ext_if = "fxp0"

block on $ext_if all
pass  out on $ext_if all keep state
anchor ssh in on $ext_if proto tcp from any to any port 22"

# echo "pass in from 192.0.2.10 to any" | pfctl -a ssh -f -

-- 
Aristeu Gil Alves Jr
-------------------------
Histórico: http://www.fug.com.br/historico/html/freebsd/
Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd

Responder a