Difference between revisions of "Pf"
From Hackepedia
Jump to navigationJump to searchm (adding altq link) |
|||
| Line 27: | Line 27: | ||
in summary, -Fn the F means to Flush. -sn the s means to show. -N and -R are to load only the Nat or filter Rules respectively. | in summary, -Fn the F means to Flush. -sn the s means to show. -N and -R are to load only the Nat or filter Rules respectively. | ||
| + | |||
| + | |||
| + | If you're satisfied with your pf ruleset, you might be interesting in looking into [http://pf4freebsd.love2party.net/altq.html ALTQ]. Alternate queuing (ALTQ) is a framework that allows to shape network traffic. | ||
Revision as of 21:52, 27 February 2006
If you're using the OpenBSD pf, make sure it's enabled.
# pfctl -si Status: Enabled
I've been bitten by this while debugging.
# pfctl -N -f /etc/pf.conf
This will reload the nat rules only.. often best to disable the firewall rules when testing nat, so do
# pfctl -Fr
to flush the rules, and just
# pfctl -R -f /etc/pf.conf
to use them again.
# pfctl -Fs
to flush the current nat states, just remember the existing natted connections will drop when you do this.
# pfctl -ss
to show the current nat states.
in summary, -Fn the F means to Flush. -sn the s means to show. -N and -R are to load only the Nat or filter Rules respectively.
If you're satisfied with your pf ruleset, you might be interesting in looking into ALTQ. Alternate queuing (ALTQ) is a framework that allows to shape network traffic.
