Hi,
I'm just an OpenBSD newbie derived from Linux. I'm trying to understand
both OpenBSD and PF. In fact it's very clear and strong structure; happy with
that.
My question is about using prio keyword. Can anyone help me with this
little pf.conf below. Is it smart/advisable config or just a time
wasting expectation?
Thanks.
#Macros
int_if="re1"
#Tables
table <Loosers> {
192.168.1.11 192.168.1.12 192.168.1.13 192.168.1.14 }
table <Users> {
192.168.1.21 192.168.1.22 192.168.1.23 192.168.1.24 }
table <Admins> {
192.168.1.100 192.168.1.101 }
#NAT private Networks
match out on egress inet
from $int_if:network to any nat-to (egress)
#Default FW policy
block log all
#Always pass from my house
pass log quick from 194.30.xxx.YYY prio 7
#Loosers
with very low priority
pass in log quick on $int_if from <Loosers> prio 0
#Users with a standart priority
pass in log quick on $int_if from <Users> prio
3
#Admins have the highest priority
pass in log quick on $int_if from <Admins>
prio 7
#pass out from "the" interfaces
pass out from ($int_if)
pass out from
(egress)
# uname -rms
OpenBSD 5.0 i386
--
Theron ZORBAS
