A very simple set of pf rules, in the right order, that might be used with pf on OS X Mountain Lion
# Macros
# PLACEHOLDER: the gist's home LAN address was cut off; set this macro to your own LAN range
home_lan = "192.168.1.0/24"
# Options
set block-policy drop
set fingerprints "/etc/pf.os"
set ruleset-optimization basic
set skip on lo0
# Normalization
# Scrub incoming packets (no-df clears the don't-fragment bit so fragments can be reassembled)
scrub in all no-df
# Queueing (none)
# Translation (none)
# Filtering
# Antispoof: drop packets arriving on an interface with a source address that belongs to another interface
antispoof log quick for { lo0 en0 en2 }
# Block by default
block in log
# Block to/from illegal destinations or sources (addresses with no route in the routing table)
block in log quick from no-route to any
# Allow critical system traffic (DHCP replies, server port 67 to client port 68)
pass in quick inet proto udp from any port 67 to any port 68
# Allow ICMP from home LAN
pass in log proto icmp from $home_lan to any
# Allow outgoing traffic (stateful, so replies are matched by the state table rather than the block rule)
pass out inet proto tcp from any to any keep state
pass out inet proto udp from any to any keep state
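The gist's point is that pf on OS X only accepts these sections in a fixed order (options, normalization, queueing, translation, filtering). As an added example, not code from the gist or its author, here is a small POSIX sh/awk linter that checks a pf.conf for that ordering before the file is handed to pfctl; the section keywords are the standard pf.conf ones, and the sample rulesets it writes are constructed copies of lines from the gist.

```shell
#!/bin/sh
# Section-order linter for a pf.conf ruleset (added helper, not from the gist).
# pf on OS X loads sections in a fixed order: options, normalization, queueing,
# translation, filtering. Macros, tables, comments and blanks may appear anywhere.
# Exit 0 if ordered; exit 1 and print each offending line otherwise.
pf_order_check() {
    awk '
    BEGIN { last = 0; bad = 0
            name[1] = "options"; name[2] = "normalization"; name[3] = "queueing"
            name[4] = "translation"; name[5] = "filtering" }
    # Rank a line by section; 0 = not subject to ordering.
    function rank(line,    w) {
        sub(/^[ \t]+/, "", line)
        if (line ~ /^#/ || line == "") return 0                # comment or blank
        if (line ~ /^[A-Za-z_][A-Za-z0-9_]*[ \t]*=/) return 0  # macro definition
        w = line; sub(/[ \t].*/, "", w)                        # first keyword
        if (w == "table") return 0
        if (w == "set") return 1
        if (w == "scrub") return 2
        if (w == "altq" || w == "queue") return 3
        if (w == "nat" || w == "rdr" || w == "binat" || w == "no") return 4
        if (w == "antispoof" || w == "block" || w == "pass") return 5
        return 0                                               # anchor, load, ...: skipped
    }
    {
        r = rank($0)
        if (r == 0) next
        if (r < last) { printf("line %d: %s rule after %s section\n", NR, name[r], name[last]); bad = 1 }
        if (r > last) last = r
    }
    END { exit bad }
    ' "$1"
}

# Write a constructed sample ruleset to the file named in $2: "good" mirrors the
# gist ordering, "bad" puts a filter rule before the options section.
write_sample() {
    if [ "$1" = good ]; then
        printf '%s\n' 'set skip on lo0' 'scrub in all no-df' 'antispoof quick for lo0' \
            'block in log' 'pass out inet proto tcp from any to any keep state' > "$2"
    else
        printf '%s\n' 'block in log' 'set skip on lo0' 'scrub in all no-df' \
            'pass out inet proto udp from any to any keep state' > "$2"
    fi
}

# Typical use on a Mac: pf_order_check /etc/pf.conf && sudo pfctl -nf /etc/pf.conf
# (pfctl -n parses the file without loading it, so the live ruleset is untouched).
```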


mebjas commented Aug 17, 2014

Can you explain what different steps do?



phpmydev commented Apr 27, 2017

Hey Scott! I've been looking all over for the rule to allow a user to only view one website, like:
block all
pass out port xxxx
something like that - do you think it would work?
