Date:      Fri, 10 Feb 2017 14:50:34 -0800
From:      Doug Niven <dniven@ucsc.edu>
To:        freebsd-questions@freebsd.org
Subject:   PF question
Message-ID:  <CAFcpV2Pfv%2BBOhMR3keWj9P1tPfDC8OxeGghHvyDeHN2O8-8NVg@mail.gmail.com>

Hi Folks,

This may be a little off-topic but I know there are some PF experts out there...

The following PF rule successfully blocks out "off campus" traffic to
port 22, but it only blocks it if the interface name is "en0".

How can I tweak this so it will block out port 22 for ANY/ALL
interfaces on the host, even if I don't know their names?


     table <friendlies> { 111.222.0/16, 222.333.0.0/16 } persist
     block in proto tcp from any to any port {22}
     pass in on en0 proto tcp from <friendlies> to (en0) port {22} flags S/SA keep state

Thanks in advance for your expertise.

Doug


