Re: pkg slow down a lot with simple firewall.

Wed, 27 May 2020 13:23:24 -0700 

Hello
Try to activate pf logs to see what is blocking or slowing you down,
insert this in the /etc/rc.conf file
pflog_enable = "YES"
pflog_logfile = "/ var / log / pflog"

To view the logs afterwards is via tcpdump, as follows:
tcpdump -n -e -ttt -r / var / log / pflog

Em qua., 27 de mai. de 2020 às 16:23, Donald Mickunas
<dmickunas1...@fastmail.com> escreveu:
>
> Hi all,
>
> I am new to firewalls and trying to learn. I am attempting to set up a pf 
> firewall on FreeBSD 12.1-RELEASE-p5. This is a home computer for personal use 
> and is not part of a server network. "pkg update" will take a minute or more 
> to complete a verification that it is up to date with the firewall on vs. 
> seconds when the firewall is off. I can find no reason for this. I have done 
> a variety of searches online plus in the various forums with zero results. 
> Any ideas?
>
> This is a simple firewall.
> Here is my set up:
>
> */etc/pf.conf*
>
> set skip on lo0
> block all
> pass in proto tcp to port { 22 }
> pass out proto { tcp udp } to port { 22 53 80 123 443 }
> pass out inet proto icmp icmp-type { echoreq }
>
>
> */etc/rc.conf*
>
> clear_tmp_enable="YES"
> sendmail_enable="NONE"
> hostname="donsoptiplex"
> keymap="us.kbd"
> ifconfig_em0="DHCP"
> ifconfig_em0_ipv6="inet6 accept_rtadv"
> ntpd_enable="YES"
> # Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable
> dumpdev="NO"
> dbus_enable="YES"
> hald_enable="YES"
> autofs_enable="YES"
> kld_list="/boot/modules/i915kms.ko"
> sound_load="YES"
> snda_hda_load="YES"
> sddm_enable="NO"
> cupsd_enable="YES"
> devfs_system_ruleset="system"
> pf_enable="YES"
> pflog_enable="YES"
>
> Thanks!!
> _______________________________________________
> freebsd-pf@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-pf
> To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
_______________________________________________
freebsd-pf@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"

Reply via email to