Dear list,

I’ve been trying this for quite a while without any luck… my rules go something like this…

I only pass in incoming http and https traffic on fxp0

scrub in on fxp0 all
block in quick on fxp0 inet proto tcp from any to any flags FUP/FUP
pass in quick on fxp0 inet proto tcp from any to 10.5.0.33 port { www, https } flags S/SA keep state
block in on fxp0 all

All outgoing rules….

pass out quick on fxp0 inet proto tcp from any to any port { www, https, ftp, ftp-data, ssh } flags S/SA keep state
pass out quick on fxp0 inet proto { udp, icmp } from any to any flags S/SA keep state
block out on fxp0 all

Thanks in advance
