Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- wired = "re0"
- wifi = "rtwn0"
- table <martians> { 0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16 \
- 172.16.0.0/12 192.0.0.0/24 192.0.2.0/24 224.0.0.0/3 \
- 192.168.0.0/16 198.18.0.0/15 198.51.100.0/24 \
- wired = "re0"
- wifi = "rtwn0"
- table <martians> { 0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16 \
- 172.16.0.0/12 192.0.0.0/24 192.0.2.0/24 224.0.0.0/3 \
- 192.168.0.0/16 198.18.0.0/15 198.51.100.0/24 \
- 203.0.113.0/24 }
- set block-policy drop
- set loginterface egress
- set skip on lo0
- match in all scrub (no-df random-id max-mss 1440)
- antispoof quick for { egress $wired $wifi }
- block in quick on egress from <martians> to any
- block return out quick on egress from any to <martians>
- block all
- pass out quick inet
- pass in on { $wired $wifi } inet
- wired = "re0"
- wifi = "rtwn0"
- table <martians> { 0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16 \
- 172.16.0.0/12 192.0.0.0/24 192.0.2.0/24 224.0.0.0/3 \
- 192.168.0.0/16 198.18.0.0/15 198.51.100.0/24 \
- 203.0.113.0/24 }
- set block-policy drop
- set loginterface egress
- set skip on lo0
- match in all scrub (no-df random-id max-mss 1440)
- antispoof quick for { egress $wired $wifi }
- block in quick on egress from <martians> to any
- block return out quick on egress from any to <martians>
- block all
- pass out quick inet
- pass in on { $wired $wifi } inet
- 203.0.113.0/24 }
- set block-policy drop
- set loginterface egress
- set skip on lo0
- match in all scrub (no-df random-id max-mss 1440)
- antispoof quick for { egress $wired $wifi }
- block in quick on egress from <martians> to any
- block return out quick on egress from any to <martians>
- block all
- pass out quick inet
- pass in on { $wired $wifi } inet
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
