User:CFeyecare/sandbox/2

=OpenBSD as a Firewall=
OpenBSD includes PF ("packet filter") as a firewall.

Getting Started
To turn PF on at boot, create the configuration file rc.conf.local:
 vi /etc/rc.conf.local

To activate PF at boot, enter the following in the configuration file:
 pf=YES

To enable PF manually, enter the following command:
 pfctl -e

To disable PF manually, enter the following command:
 pfctl -d

Congratulations, you are now protected by one of the best firewalls available.

Configuring PF
PF is a very good firewall by default; however, it also has a few options. You can change the configuration of PF by editing the configuration file /etc/pf.conf.

Macros
Macros are the equivalent of shorthand for rules. For example, you could write:
 block out on fxp0 from { 192.168.0.1, 10.5.32.6 } to any

as opposed to the long way:
 block out on fxp0 from 192.168.0.1 to any
 block out on fxp0 from 10.5.32.6 to any
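The expansion described above, as an added example that is not part of the original page: a small Python sketch that turns rules written with brace lists into the individual rules they stand for. It goes slightly beyond the text by also substituting `name = "value"` macro definitions and by handling more than one list per rule; the sample ruleset, the macro names `ext_if` and `bad_hosts`, and the output order are assumptions, and nested lists are not handled.

```python
import itertools
import re

# Constructed sample ruleset (not from the page): two macro definitions
# and two rules that use brace lists.
SAMPLE = '''
ext_if = "fxp0"
bad_hosts = "{ 192.168.0.1, 10.5.32.6 }"
block out on $ext_if from $bad_hosts to any
block in on $ext_if proto { tcp udp } from any to any port { 22 23 }
'''

MACRO_DEF = re.compile(r'^\s*([A-Za-z_]\w*)\s*=\s*"([^"]*)"\s*$')
BRACE_LIST = re.compile(r'\{([^{}]*)\}')

def substitute_macros(line, macros):
    """Replace each $name with its stored value; unknown names raise KeyError."""
    return re.sub(r'\$([A-Za-z_]\w*)', lambda m: macros[m.group(1)], line)

def expand_lists(rule):
    """Expand every { a, b } list in one rule into the cross product of rules."""
    parts = BRACE_LIST.split(rule)  # even index: plain text, odd index: list body
    choices = []
    for i, part in enumerate(parts):
        if i % 2:
            # List items may be separated by commas, whitespace, or both.
            choices.append([x for x in re.split(r'[,\s]+', part) if x])
        else:
            choices.append([part])
    return [' '.join(''.join(c).split()) for c in itertools.product(*choices)]

def expand_ruleset(text):
    """Return the flat list of rules after macro and list expansion."""
    macros, rules = {}, []
    for raw in text.splitlines():
        line = raw.split('#', 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        m = MACRO_DEF.match(line)
        if m:
            macros[m.group(1)] = substitute_macros(m.group(2), macros)
            continue
        rules.extend(expand_lists(substitute_macros(line, macros)))
    return rules

if __name__ == "__main__":
    for r in expand_ruleset(SAMPLE):
        print(r)
```

On a real system, `pfctl -nvf /etc/pf.conf` parses the file without loading it and prints the rules as PF expanded them.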

Scrubbing
Scrubbing defragments and in some cases rejects fragmented packets. This prevents your computer from becoming fragmented; however, it also causes a lot of packets to be lost. To scrub a network interface, enter the following in your /etc/pf.conf:
 scrub in

A simple example of this is scrubbing all of the interfaces:
 scrub in all

Authors
If you made a contribution to this article please feel free to add your username.
 * CFeyecare- Started page.