Pf.conf

AUTHPF(8) - System Manager's Manual

Pf.conf, Proxy, Securelevel, Pf, Authpf

AUTHPF(8) - System Manager’s Manual # AUTHPF(8) - System Manager’s Manual NAME # authpf, authpf-noip - authenticating gateway user shell SYNOPSIS # authpf authpf-noip DESCRIPTION # authpf is a user shell for authenticating gateways. It is used to change pf(4) rules when a user authenticates and starts a session with sshd(8) and to undo these changes when the user’s session exits. Typical use would be for a gateway that authenticates users before allowing them Internet use, or a gateway that allows different users into different places. ...

BPE(4) - Device Drivers Manual

Netstart, Vlan, Netintro, Pf.conf, Ifconfig, Inet, Bridge, Ip, Hostname.if, Bpe

BPE(4) - Device Drivers Manual # BPE(4) - Device Drivers Manual NAME # bpe - Backbone Provider Edge pseudo-device SYNOPSIS # pseudo-device bpe DESCRIPTION # The bpe driver creates IEEE 802.1Q Provider Backbone Bridge (PBB) networks by acting as a Backbone Edge Bridge (BEB). PBB, also known as mac-in-mac, was originally specified in IEEE 802.1ah-2008 and became part of IEEE 802.1Q-2011. A Provider Backbone Bridge Network (PBBN) consists of BEBs interconnected by Backbone Core Bridges (BCBs) to form an Ethernet network for the transport of encapsulated Ethernet packets. ...

DIVERT(4) - Device Drivers Manual

Pf.conf, Socket, Ip, Divert

DIVERT(4) - Device Drivers Manual # DIVERT(4) - Device Drivers Manual NAME # divert - kernel packet diversion mechanism SYNOPSIS # #include <sys/types.h> #include <sys/socket.h> #include <netinet/in.h> int socket(AF_INET, SOCK_RAW, IPPROTO_DIVERT); int socket(AF_INET6, SOCK_RAW, IPPROTO_DIVERT); DESCRIPTION # Divert sockets are part of a mechanism completely integrated with pf(4) that queues raw packets from the kernel stack to userspace applications, and vice versa. A divert socket must be bound to a divert port through bind(2), which only the superuser can do. ...

ENC(4) - Device Drivers Manual

Tcpdump, Pf.conf, Ipsec, Ipsec.conf, Pf, Enc

ENC(4) - Device Drivers Manual # ENC(4) - Device Drivers Manual NAME # enc - encapsulating interface SYNOPSIS # pseudo-device enc DESCRIPTION # The enc interface is a virtual interface for ipsec(4) traffic. It allows packet filtering using pf(4); prior to encapsulation and after decapsulation, packets may be monitored using tcpdump(8). An enc interface can be created at runtime using the ifconfig enc‌N create command or by setting up a hostname. ...

FTP-PROXY(8) - System Manager's Manual

Ftp, Pf.conf, Pf, Ftp-Proxy

FTP-PROXY(8) - System Manager’s Manual # FTP-PROXY(8) - System Manager’s Manual NAME # ftp-proxy - Internet File Transfer Protocol proxy daemon SYNOPSIS # ftp-proxy [-6Adrv] [-a sourceaddr] [-b address] [-D level] [-m maxsessions] [-P port] [-p port] [-q queue] [-R address] [-T tag] [-t timeout] DESCRIPTION # ftp-proxy is a proxy for the Internet File Transfer Protocol. FTP control connections should be redirected into the proxy using the pf(4) divert-to command, after which the proxy connects to the server on behalf of the client. ...

IKED.CONF(5) - File Formats Manual

Enc, Iked, Pf.conf, Ipsec, Ikectl, Ipsec.conf, Iked-Conf

IKED.CONF(5) - File Formats Manual # IKED.CONF(5) - File Formats Manual NAME # iked.conf - IKEv2 configuration file DESCRIPTION # iked.conf is the configuration file for iked(8), the Internet Key Exchange version 2 (IKEv2) daemon for IPsec. IPsec itself is a pair of protocols: Encapsulating Security Payload (ESP), which provides integrity and confidentiality; and Authentication Header (AH), which provides integrity. The IPsec protocol itself is described in ipsec(4). In its most basic form, a flow is established between hosts and/or networks, and then Security Associations (SA) are established, which detail how the desired protection will be achieved. ...

IPSEC.CONF(5) - File Formats Manual

Enc, Pf.conf, Ipsec, Isakmpd, Openssl, Tcp, Ipsecctl, Ipcomp, Ipsec-Conf

IPSEC.CONF(5) - File Formats Manual # IPSEC.CONF(5) - File Formats Manual NAME # ipsec.conf - IPsec configuration file DESCRIPTION # The ipsec.conf file specifies rules and definitions for IPsec, which provides security services for IP datagrams. IPsec itself is a pair of protocols: Encapsulating Security Payload (ESP), which provides integrity and confidentiality; and Authentication Header (AH), which provides integrity. The IPsec protocol itself is described in ipsec(4). In its most basic form, a flow is established between hosts and/or networks, and then Security Associations (SAs) are established, which detail how the desired protection will be achieved. ...

PF.OS(5) - File Formats Manual

Pfctl, Pf.conf, Tcpdump, Pf, Pf-Os

PF.OS(5) - File Formats Manual # PF.OS(5) - File Formats Manual NAME # pf.os - format of the operating system fingerprints file DESCRIPTION # The pf(4) firewall and the tcpdump(8) program can both fingerprint the operating system of hosts that originate an IPv4 TCP connection. The file consists of newline-separated records, one per fingerprint, containing nine colon (’:’) separated fields. These fields are as follows: window The TCP window size. ...

PF(4) - Device Drivers Manual

Pfctl, Pf.conf, Ioctl, Pfsync, Pflog, Bridge, Pflow, Pf

PF(4) - Device Drivers Manual # PF(4) - Device Drivers Manual NAME # pf - packet filter SYNOPSIS # pseudo-device pf DESCRIPTION # Packet filtering takes place in the kernel. A pseudo-device, /dev/pf, allows userland processes to control the behavior of the packet filter through an ioctl(2) interface. There are commands to enable and disable the filter, load rulesets, add and remove individual rules or state table entries, and retrieve statistics. ...

PFCTL(8) - System Manager's Manual

Rc.conf, Pf.conf, Rc, Pf.os, Sysctl.conf, Sysctl, Pf, Proxy, Authpf, Pfctl

PFCTL(8) - System Manager’s Manual # PFCTL(8) - System Manager’s Manual NAME # pfctl - control the packet filter (PF) device SYNOPSIS # pfctl [-deghNnPqrvz] [-a anchor] [-D macro=value] [-F modifier] [-f file] [-i interface] [-K key] [-k key] [-L statefile] [-o level] [-p device] [-S statefile] [-s modifier [-R id]] [-t table -T command [address …]] [-V rdomain] [-x level] DESCRIPTION # The pfctl utility communicates with the packet filter device using the ioctl interface described in pf(4). ...