Pf

From Hackepedia
Revision as of 13:20, 5 October 2005 by Sysadmin (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

If you're using the OpenBSD pf, make sure it's enabled. 

# pfctl -si
Status: Enabled

I've been bitten by this while debugging. 

# pfctl -N -f /etc/pf.conf

This will reload the nat rules only.. often best to disable the firewall rules when testing nat, so do 

# pfctl -Fr

to flush the rules, and just 

# pfctl -R -f /etc/pf.conf

to use them again. 

# pfctl -Fs

to flush the current nat states, just remember the existing natted connections will drop when you do this. 

# pfctl -ss

to show the current nat states.

in summary, -Fn the F means to Flush. -sn the s means to show. -N and -R are to load only the Nat or filter Rules respectively.

Retrieved from "https://hackepedia.org/?title=Pf&oldid=1780"