I want to use pf as firewall for my laptop.
It is connected wired and wireless, depending on the situation, but also to my
own router/modem.
I have enabled pf and made a pf.conf which is looking like this:
#############################################
# $OpenBSD: PF firewall rules $
# scrub
scrub in all
# setup a default deny policy
block in all
block out all
antispoof for { bce0, wpi0 } inet
pass out on { bce0, wpi0 } proto tcp from any to any
pass out on { bce0, wpi0 } proto udp from any to any
pass out on { bce0, wpi0 } proto icmp from any to any
#############################################
I was wondering if there are defaults which are better then these.
For example the pass out lines with from any to any, could they be tightened
more?
I have tried some settings but till now I did not manage to get it working with
other settings then these.
Any help to make my pf settings more secure would be appreciated.
To be sure; I am running pf on my laptop, and there is no other computer
connected to my laptop.
Jan
