Changeset 10579 in hybrid for branches/releng-9.0/nanobsd
- Timestamp:
- Apr 26, 2012, 10:58:34 AM (13 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/releng-9.0/nanobsd/files/etc/pf.hybrid.conf
r10578 r10579 12 12 # 8) Overrides default route for local orginating traffic to specific ports, needed for 13 13 # for normal proxy setup, which should NOT follow the iLeiden default route. 14 # 9) Protect the Wireless Network from junk traffic. 14 15 wl_net="172.16.0.0/12" 15 16 allow_ext_tcp="{ssh, domain}" … … 65 66 pass out on !$ext_if route-to ($ext_if $ext_if_default_route) proto udp from any to !$wl_net port {53} user != unknown keep state 66 67 68 # By default deny all outgoing traffic to avoid systems spamming the network (9) 69 block out on { $captive_portal_interfaces } from any to !$wl_net 70 71 # Note: not even HTTPS traffic allowed for those who has not clicked OK yet (6) 72 pass out on { $captive_portal_interfaces } proto tcp from <wlportal> to !$wl_net port { 80, 443 } keep state 73 67 74 # External interface is permissive (4) 68 75 block on $ext_if
Note:
See TracChangeset
for help on using the changeset viewer.