💾 Archived View for tozip.chickenkiller.com › freebsd-firewall.gmi captured on 2022-07-16 at 13:44:36. Gemini links have been rewritten to link to archived content
-=-=-=-=-=-=-
The firewall is called "pf" (packet filter)
# port forwarding # https://docs.freebsd.org/en/books/handbook/firewalls/#firewalls-pf pf_rule="/etc/pf.conf" # rules configuration pf_enable="YES" pflog_enable="yes" # enable loggin to /var/log/pflog by default gateway_enable="YES"
Remember to start or restart:
service pf start
or
service pf restart
Type
ifconfig
You will see something like: bge0, lo0, wlan0.
lo0 is the loopback interface, which refers to internal routing.
bge0 is my external NIC.
wlan0 is my wifi dongle.
Suppose you wanted to redirect all interfaces calling port 300 to port 7777.
Here's the rule you would put in /etc/pf.conf:
rdr pass on {"bge0", "wlan0", "lo0"} proto tcp from any to any port 300 -> 192.168.0.27 port 7777
If you want to astract out the interfaces, you could do something like:
all_if="{ue0, wlan0, lo0}" rdr pass on $all_if proto tcp from any to any port 300 -> 127.0.0.1 port 3000