PF rule allowing specific IP's to pass

PF rule allowing specific IP's to pass

Post by WhOm » Sun, 22 Sep 2002 16:35:55



I'm trying to set up an SSH server on a Linux machine to pass files
between home and work. In order to secure access between the locations I
need a rule to allow "trusted"/specific IPs access through the OBSD
firewall. Would this rule work or have I missed something?

"pass in on $ExtIF inet from $Trusted to 192.168.2.2 port ssh keep
state"

Steve


PF rule allowing specific IP's to pass

Post by zbyszek » Sun, 22 Sep 2002 17:29:41


> "pass in on $ExtIF inet from $Trusted to 192.168.2.2 port ssh keep
> state"

You will never reach an unroutable address from an outside ssh client.
You should use the external firewall address instead and
make some redirection to get to the server, e.g.
#rdr on $ExtIF inet proto tcp from $Trusted to "ExtAddr" port 22 -> 192.168.2.2 port 22
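
The redirection and the filter rule from the thread, combined into one pf.conf fragment. This is an added example, not part of either post; the interface name, the public and trusted addresses (documentation ranges) and the SSHHost macro are assumptions. It uses the older PF syntax with a separate rdr rule, as in the reply above.

```pf
# Constructed values: interface name and addresses are placeholders
# (documentation ranges), not taken from the thread.
ExtIF   = "fxp0"
ExtAddr = "203.0.113.1"                       # firewall's public address
Trusted = "{ 198.51.100.10, 198.51.100.20 }"  # home / work clients
SSHHost = "192.168.2.2"                       # internal Linux SSH server

# Translation: trusted clients connect to the firewall's public address;
# PF rewrites the destination to the internal server.
rdr on $ExtIF inet proto tcp from $Trusted to $ExtAddr port 22 -> $SSHHost port 22

# Filtering: default deny inbound on the external interface.
block in log on $ExtIF all

# With a separate rdr rule, translation happens before filtering, so the
# filter rule matches the already-rewritten destination (the internal host).
# "proto tcp" is required whenever a port is given.
pass in on $ExtIF inet proto tcp from $Trusted to $SSHHost port 22 keep state

# On OpenBSD 4.7 and later the two steps are written as one rule:
# pass in on $ExtIF inet proto tcp from $Trusted to $ExtAddr port 22 \
#     rdr-to $SSHHost port 22
```

Parse-check the file with `pfctl -nf /etc/pf.conf` before loading it.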