I'm still trying to configure a working pf configuration, without success. I'm building a 3.4 OpenBSD machine to replace an old OpenBSD machine that used ipf, and seperate nat. I have a meium sized home network that connects via a cablemode. The cablenmode apppears (based upon existin laogfiles) to be a vary hostilee environment. So I wan "default deny" configuration. I've been able to build a working config, using "default allow" but I can't even seem to come close on the "default deny" one.
I want all the internal machiones to have pretty much unrestrcted outbound access (including ftp), and I wna inbound ssh, http, mail, and sftp redirected transparently to various amchines on the internal network. I've treid starting with the default /etc/of.conf, and /usr/share/pf/faq-example1 without much success. Can anyone point me to some good examples? Is htere any way to convert my old ipf.bat rules to the new syntax? -- "They that would give up essential liberty for temporary safety deserve neither liberty nor safety." -- Benjamin Franklin