A very simple set of pf rules, in the right order, that might be used with pf on OS X Mountain Lion
# Options
set block-policy drop
set fingerprints "/etc/pf.os"
set ruleset-optimization basic
set skip on lo0
# Normalization
# Scrub incoming packets
scrub in all no-df
# Queueing
# Translation
# Filtering
# Antispoof
antispoof log quick for { lo0 en0 en2 }
# Block by default
block in log
# Block to/from illegal destinations or sources
block in log quick from no-route to any
# Allow critical system traffic
pass in quick inet proto udp from any port 67 to any port 68
# Allow ICMP from home LAN
pass in log proto icmp from 192.168.254.0/24
# Allow outgoing traffic
pass out inet proto tcp from any to any keep state
pass out inet proto udp from any to any keep state
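As an added example (not part of the gist), a small Python checker that enforces the section order the description refers to, options, then normalization, queueing, translation and filtering, over the ruleset above. The keyword-to-section mapping is an assumption taken from the pf.conf grammar of that pf generation; the ruleset is embedded as a constant so the check runs offline.

```python
# Section order that the older pf in OS X Mountain Lion enforces at load time:
# a directive from an earlier section may not follow one from a later section.
SECTION_OF = {
    "set": 0,                                # options
    "scrub": 1,                              # normalization
    "altq": 2, "queue": 2,                   # queueing
    "nat": 3, "rdr": 3, "binat": 3,          # translation
    "antispoof": 4, "block": 4, "pass": 4,   # filtering
}
SECTION_NAME = ["options", "normalization", "queueing", "translation", "filtering"]

def check_order(ruleset):
    """Return [(line_no, rule, problem)] for rules that appear out of section order."""
    problems = []
    highest = -1  # highest section index seen so far
    for n, raw in enumerate(ruleset.splitlines(), 1):
        rule = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not rule:
            continue
        keyword = rule.split()[0]
        if keyword not in SECTION_OF:        # macros, tables, anchors: not ordered here
            continue
        sec = SECTION_OF[keyword]
        if sec < highest:
            problems.append((n, rule, f"{SECTION_NAME[sec]} rule after {SECTION_NAME[highest]} rule"))
        highest = max(highest, sec)
    return problems

# The ruleset from the gist above (comment lines omitted), embedded to run offline.
GIST_RULES = """\
set block-policy drop
set fingerprints "/etc/pf.os"
set ruleset-optimization basic
set skip on lo0
scrub in all no-df
antispoof log quick for { lo0 en0 en2 }
block in log
block in log quick from no-route to any
pass in quick inet proto udp from any port 67 to any port 68
pass in log proto icmp from 192.168.254.0/24
pass out inet proto tcp from any to any keep state
pass out inet proto udp from any to any keep state
"""
# Constructed variant: the scrub rule moved below the filtering rules.
MISORDERED = GIST_RULES.replace("scrub in all no-df\n", "") + "scrub in all no-df\n"

if __name__ == "__main__":
    for name, rules in (("gist", GIST_RULES), ("misordered", MISORDERED)):
        print(name, check_order(rules) or "order OK")
```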
mebjas commented Aug 17, 2014

Can you explain what the different steps do?

phpmydev commented Apr 27, 2017

Hey Scott! I've been looking all over for the rule to allow a user to only view one website, like:
block all
pass out port xxxx
something like that - do you think it would work?
