I installed NetBSD on a Raspberry Pi and intend to
use pf as a firewall. It seems that the pf version on
current (7.99.1) is about the 4.2 or 4.3 OpenBSD
version. I am aware that I might end up locked out if
I make a mistake, since the node is reachable over ssh.
At first, I would start pf and keep an option
to have a new start:

# pfctl -f /etc/pf.conf; shutdown -r +10

What bothers me are the rules, which could be a mismatch.
In fact, it is a basic one-node configuration like:

set skip on lo0
match in all scrub (no-df)
block in all
block out all
pass out on fxp0 proto { tcp, udp, icmp } from any to any modulate state
pass in on fxp0 proto tcp from any to any port ssh

Would this be enough for the old version on NetBSD, or
do I have to change the syntax?
Best regards

                          Zoran
