mirror of
https://github.com/fwbuilder/fwbuilder
synced 2026-03-19 01:37:17 +01:00
a544492ced
appropriate". Compiler for PF now uses keyword 'self' in rules where firewall object is used in Source or Destination.
22 lines
522 B
Plaintext
22 lines
522 B
Plaintext
|
|
set timeout udp.single 5
|
|
|
|
#
|
|
# Scrub rules
|
|
#
|
|
match all scrub (reassemble tcp no-df )
|
|
match out all scrub (random-id min-ttl 1 max-mss 1460)
|
|
|
|
#
|
|
# Rule backup ssh access rule
|
|
# backup ssh access rule
|
|
pass in quick inet proto tcp from 10.3.14.30 to self port 22 label "RULE -1 -- ACCEPT "
|
|
#
|
|
# Rule 0 (global)
|
|
block log quick inet from any to any no state label "RULE 0 -- DROP "
|
|
#
|
|
# Rule fallback rule
|
|
# fallback rule
|
|
block quick inet from any to any no state label "RULE 10000 -- DROP "
|
|
|