Pedro Drimel Neto wrote:
> In a rule:
> pass in on dc0 from 192.168.0.0/24 to any port www
> If a webserver is running on the firewall box, the network 192.168.0.0/24 will
> access it. Is there another way to introduce this rule? Because I don't want
> the network to access the webserver on the firewall box.
> Is there some kind of rule like FORWARD in netfilter?
> Thanks, and sorry if this isn't the list to talk about pf rules...
Do you mean something like:
so2:fred /var/log> sudo grep www /etc/pf.conf
pass log on $ext_if proto tcp from any to $webserver port { www, https } keep state
Or do you mean that you do not want 192.168.0.0/24 to access the
webserver on the firewall?
--
http://www.crowsons.net/puters/x41.php
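
Added example, not part of the original thread: one way to let 192.168.0.0/24 reach web servers through the firewall while refusing port www on the firewall's own addresses. pf has no separate FORWARD chain, so the firewall's addresses are matched explicitly. The macro names and the table name <firewall> are assumptions chosen for illustration; dc0 and the network come from the question.

```conf
# pf.conf fragment (illustrative; macro and table names are assumptions)
int_if  = "dc0"
lan_net = "192.168.0.0/24"

# "self" expands to every address configured on the firewall itself.
# A table is used so the whole set is matched by a single rule.
table <firewall> const { self }

# Original rule from the question: "to any" also matches the firewall's
# own addresses, so a local web server is reachable from the LAN.
#   pass in on dc0 from 192.168.0.0/24 to any port www

# Refuse LAN connections to port www on the firewall itself.
# "quick" stops evaluation here, so the pass rule below is never reached
# for this traffic.
block in quick on $int_if proto tcp from $lan_net to <firewall> port www

# Everything else from the LAN to port www (traffic routed through the
# firewall to other hosts) is allowed.
pass in on $int_if proto tcp from $lan_net to any port www keep state
```

The ruleset can be syntax-checked without loading it using `pfctl -nf /etc/pf.conf`.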