Guide to Unix/BSD/OpenBSD/As a Firewall
OpenBSD includes PF ("packet filter") as a firewall.
To turn PF on, on boot up, create the configuration file rc.conf.local.
To activate PF on boot up enter the following in the configuration file:
To enable PF manually, enter in the following command:
To disable PF manually, enter in the following command:
Congratulation, you are now protected by one of the best firewalls available.
Pf is a very good firewall by default however it also contains a few options. You can change the configuration of pf by editing the configuration file /etc/pf.conf.
Scrubbing defragments and in some cases rejects fragmented packets. This prevents your computer from becoming fragmented, however it also causes a lot of packets to be lost. To scrub an network interface enter the following in you /etc/pf.conf:
scrub <in/out> <interface>
A simple example of this is scrubing all of the incoming interfaces.
scrub in all
If you made a contribution to this article please feel free to add your username.
- CFeyecare- Started page.
- PF on Wikipedia
- "Faq pf." Pf. OpenBSD. 3 Nov. 2008 <http://www.openbsd.org/faq/pf/>.