Diffstat (limited to 'regress/sbin/pfctl/pfopt5.in')
-rw-r--r-- | regress/sbin/pfctl/pfopt5.in | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/regress/sbin/pfctl/pfopt5.in b/regress/sbin/pfctl/pfopt5.in
new file mode 100644
index 00000000000..628373aa483
--- /dev/null
+++ b/regress/sbin/pfctl/pfopt5.in
@@ -0,0 +1,29 @@
+ext_if="lo0"
+
+# OPTIONS, -O
+set loginterface $ext_if
+set timeout tcp.established 3600
+set limit states 100
+set optimization normal
+set block-policy drop
+set require-order yes
+
+# NOMALIZATION
+scrub in all
+
+# QUEUEING, -A
+altq on $ext_if priq bandwidth 10Mb queue { pri-low pri-med pri-high }
+queue pri-low priority 0
+queue pri-med priority 1 priq(default)
+queue pri-high priority 2
+
+# NAT -N
+rdr on $ext_if inet from any to any -> 127.0.0.1
+nat on $ext_if inet from any to any -> 127.0.0.1
+binat on $ext_if inet from 192.168.0.0/24 to 192.168.0.1/24 -> 192.168.0.3/24
+
+# FILTER, -R
+pass out on $ext_if proto tcp from any to any port 22 keep state \
+ queue(pri-med, pri-high)
+pass out on $ext_if proto tcp from any to any port 80 keep state queue pri-med
+pass in on $ext_if proto tcp from any to any port 80 keep state queue pri-low |
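Review bot: The section heading `# NOMALIZATION` is misspelled and should read `# NORMALIZATION`. Unlike the OPTIONS, QUEUEING, NAT and FILTER headings, it names no pfctl flag, so the file does not say which partial-load run is expected to pick up `scrub in all`; if none is, a short comment saying so would make the expected output easier to check. The binat line uses `192.168.0.1/24` and `192.168.0.3/24`, which have host bits set under a /24 mask. If that is deliberate, to exercise how the parser handles such addresses, a one-line comment above the rule would keep a later cleanup from silently changing what the test covers.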