Just need to know what to let in.

ext_if="dc0"
trusted = "REMOVED"
webports = "{ http }"
table <blockedips> persist file "/etc/pf.blockedip.conf"
set block-policy return
set optimization aggressive
scrub in all
antispoof for $ext_if
pass in quick on $ext_if inet proto tcp from $trusted to $ext_if port ssh
block in log (all) all
block in quick from <blockedips>
pass in on $ext_if proto tcp from any to $ext_if port $webports
pass in on $ext_if inet proto tcp from any to any port domain
pass in on $ext_if inet proto tcp from any to any port smtp

On Mon, Dec 1, 2008 at 11:26 AM, Jason Dixon <[EMAIL PROTECTED]> wrote:
> Short answer:
> pass out on $ext_if from ($ext_if) to any port smtp
>
> Long answer:
> Show us your ruleset so we can give you a useful answer.
>
>
> (ok, so that was only a few bytes longer)
>
> --
> Jason Dixon
> DixonGroup Consulting
> http://www.dixongroup.net/