Hi, i can suggest config below lets say this config will be on server B's pf.conf. and your network interface of B ip address 2.2.2.2 is bge0
then you can use the following config #pf.conf #macros ext_if="bge0" A="1.1.1.1" B="2.2.2.2" #global options set block-policy return #or you can use drop set skip on lo0 set loginterface $ext_if #optional #all other configurations #here you block all block return in all #or you can use drop :) #and here allow TCP connections on port 80 only from A(1.1.1.1) to B(2.2.2.2) pass in log on $ext_if inet proto tcp from $A to $B port 80 keep state that's all. its so simple configuration file. you can find more advanced and fancy configuration models on the web. but i suggest pf manual ;) good luck. -- •••/ name: Javad Mustafayev title: System Administrator company: Smarty LLC mobile: 00994.51.927.11.99 mail: ja...@smarty.az web.mail: j.mustafa...@gmail.com •••/ On Sep 25, 2014 11:24 PM, Laszlo Danielisz via freebsd-pf <freebsd-pf@freebsd.org> wrote: > > Hi, > > I was wondering how is possible to accept a connection, lets say on port 80 > only if it comes from a specified referer. > Let's say there is a link on server A (IP 1.1.1.1) pointing to server B (IP > 2.2.2.2). And server B will only accept the connection if it was sent by A. > > Any ideas? > > Thx! > Laszlo > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org" _______________________________________________ freebsd-pf@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
