Red Antigua Logo
Yet another piece of web.
Search this site (by Google)
Tools    (top)
Check a site for broken links
(W3C)

Perl modules    (top)
Tree::Numbered::Tools
(CPAN)
Perl tutorials    (top)
Perl modules
HTML::Template
CGI::Application
Cookies with CGI::Application
Upload files with CGI::Application
Download files with CGI::Application
Redirect with CGI::Application
CPAN shell
Install DBD::mysql from the CPAN shell
Perl trim function
Validate an IP with Perl
Run suid Perl scripts under Apache
Perl taint mode
Perl date functions with Date::Calc

In Spanish
Curso de Perl

C tutorials    (top)
C - Introduction
C - Absolute beginner's Emacs
C - Examples for beginners
C - Makefile examples
C - Autotools examples
Server configurations    (top)
DNS
Apache
Apache Authentication and Access Control
mod_perl on FreeBSD
MySQL
MySQL add account
phpMyAdmin
Squid
DHCP

UNIX on Windows    (top)
MSYS2 - UNIX environment for MS Windows 32/64 bits
Apache setup on Windows
MySQL setup on Windows
PHP setup on Windows
Perl setup on Windows
Emacs setup on Windows
PuTTY
WinSCP
GIMP on Windows
MinGW - gcc on Windows
MSYS - UNIX-styled shell on Windows
msysDTK - autotools on Windows
GDB for MinGW on Windows

Misc. FreeBSD/UNIX    (top)
'portupgrade' on FreeBSD
'ipf' on FreeBSD
'pf' on FreeBSD
'su' on FreeBSD
Mount an ISO image under FreeBSD
Load the correct sound driver under FreeBSD without knowing what sound card you are using
Simultaneous sound channels on FreeBSD
FreeBSD network stuff
DOS-to-UNIX file conversion
favicon.ico on UNIX
Emacs tips
Command Line Calculator
Save multimedia streams with 'mplayer'
xargs - solution to 'Argument list too long'
Process multiple images from the command line using 'ImageMagick'
Turn the system bell off under X Windows
Process each line in an input file from the command line (or in a shell script)
How to keep a program running in the background using 'nohup'
How to remove symbolic links in the current directory using 'find' and 'rm'
How to remove Emacs backup files in the current directory and all subdirectories using 'find' and 'rm'
How to execute .profile without logging in
Configure X to handle non-English characters
How to move /var to /usr/var

Redirect a web page    (top)
Redirect to another web page
Apache redirect
C redirect
Perl redirect
PHP redirect
HTML redirect
JavaScript redirect

Javascript    (top)
Trim function
Login form
Register form
Popup window

pf on FreeBSD
pf on FreeBSD        
I guess I'm not the only one considering OpenBSD's 'pf' the most powerful firewall available.
As the commercials say: "Now on FreeBSD!" :-)
And it is really easy to activate 'pf'.
Starting from FreeBSD 5.3, 'pf' is incorporated into the base system, so creating the two configure files below are the only requirements.
Then just killall init (or reboot, as you wish), which loads the 'pf' module if not compiled into kernel already.
Refer to the links at the bottom of this page how to activate 'pf' on previous versions of FreeBSD.
When activated, read to 'man pf' and 'man pfctl' to learn how to manage 'pf'.
In /etc/rc.conf:
pf_enable="YES"                 # Enable PF (load module if required)
pf_rules="/etc/pf.conf"         # rules definition file for pf
pf_flags=""                     # additional flags for pfctl startup
pflog_enable="YES"              # start pflogd(8)
pflog_logfile="/var/log/pflog"  # where pflogd should store the logfile
pflog_flags=""                  # additional flags for pflogd startup
gateway_enable="YES"            # Enable as LAN gateway
In /etc/pf.conf:
NOTE!: Simple NAT rules for LAN only! Open firewall! Not tested! No warranties!:
# macros
int_if = "dc0"
ext_if = "fxp0"
tcp_services = "{ 22, 113 }"
icmp_types = "echoreq"
priv_nets = "{ 127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8 }"
comp3 = "192.168.0.3"

# options
set block-policy return
set loginterface $ext_if

# scrub
scrub in all

# nat
nat on $ext_if from $int_if:network to any -> ($ext_if)
# Modifed 2005-03-12: 
# 'rdr' rule disabled, which makes this config file work!
###rdr on $int_if from $int_if:network to any -> ($ext_if)

# filter rules
block all
pass quick on lo0 all
block drop in  quick on $ext_if from $priv_nets to any
block drop out quick on $ext_if from any to $priv_nets
pass in on $ext_if inet proto tcp from any to ($ext_if) \
   port $tcp_services flags S/SA keep state
pass in on $ext_if proto tcp from any to $comp3 port 80 \
   flags S/SA synproxy state
pass in on $ext_if inet proto tcp from port 20 to ($ext_if) \
   user proxy flags S/SA keep state
pass in inet proto icmp all icmp-type $icmp_types keep state
pass in  on $int_if from $int_if:network to any keep state
pass out on $int_if from any to $int_if:network keep state
pass out on $ext_if proto tcp all modulate state flags S/SA
pass out on $ext_if proto { udp, icmp } all keep state

Read more at:
https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-pf.html
http://pf4freebsd.love2party.net/.
http://www.openbsd.org/faq/pf/.
Last modified: Wed Apr 28 21:36:56 CST 2004