Differences

This shows you the differences between two versions of the page.

--- openbsd:hardening [2020/06/03 09:12]
net_wayfarer Replaced wget command with ftp.
+++ openbsd:hardening [2020/06/05 09:51] (current)
net_wayfarer PF section is mostly done. Not going to go rambling on with it and will update it with links as needed.
@@ Line 168: / Line 168: @@
 ##   give a reply. The following is a two part process and must be implemented to achieve the desired effect.
 ##
+##
+##   By default, openbsd drops packets, https://www.openbsd.org/faq/pf/options.html
 ##   # set block-policy drop
 ##
 ##    We do not send out any reset (RST) packets back, especially if the ports are closed.
-##
+##    https://www.openbsd.org/faq/pf/filter.html#defdeny
 ##   # block all
+##
+##   Under no circumstances should this PF section be deemed as complete. A seasoned system administrator
+##   will know how to write a proper firewall configuration tailored to their network, as each and every
+##   network is unique in their own ways. However, the following below are some general recommended
+##   reading on writing a proper firewall configuration. Do not simply just copy and paste rules into your own
+##   machine. Do take time in reading up and consulting the various information that are available in both free
+##   and paid (book) forms.
+##
+##  # https://harrykar.blogspot.com/2010/07/openbsd-packet-filteringpf.html
+##  # http://daemonforums.org/showthread.php?t=8419
 ##
 ##################################################################

IRCNow