Guide to Unix/BSD/OpenBSD/As a Firewall

From Wikibooks, open books for an open world
Jump to navigation Jump to search

Getting Started[edit]

To turn PF on, on boot up, create the configuration file rc.conf.local.

vi /etc/rc.conf.local

To activate PF on boot up enter the following in the configuration file:


To enable PF manually, enter in the following command:

pfctl -e

To disable PF manually, enter in the following command:

pfctl -d

Congratulation, you are now protected by one of the best firewalls available.

Configuring PF[edit]

Pf is a very good firewall by default however it also contains a few options. You can change the configuration of pf by editing the configuration file /etc/pf.conf.

Wrong information.


Scrubbing defragments and in some cases rejects fragmented packets. This prevents your computer from becoming fragmented, however it also causes a lot of packets to be lost. To scrub an network interface enter the following in you /etc/pf.conf:

scrub <in/out> <interface>

A simple example of this is scrubing all of the incoming interfaces.

scrub in all


If you made a contribution to this article please feel free to add your username.

See Also[edit]

  • PF on Wikipedia