ljsdev-ssg

Source code for https://ljs.dev
Log | Files | Refs

commit 1a0c39395653002b6e7f68af3c54265141c19a61
parent 5b9e4353a3b3da656748ff0ee311559a8afa5ba5
Author: Leon <leon@wp2static.com>
Date:   Sun,  1 Sep 2019 21:48:05 +0200

pre blocks for code

Diffstat:
Msrc/openbsd/pf-simple-configuration.html | 14+++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/openbsd/pf-simple-configuration.html b/src/openbsd/pf-simple-configuration.html @@ -11,18 +11,18 @@ <p>I won't try to teach you pf(4), for that, you have:<p> <ul> - <li><code>man pf</code></li> - <li><code>man pf.conf</code></li> - <li><code>man pfctl</code></li> - <li><code>man pflog</code></li> - <li><code>cat /etc/examples/pf.conf</code></li> + <li><pre>man pf</pre></li> + <li><pre>man pf.conf</pre></li> + <li><pre>man pfctl</pre></li> + <li><pre>man pflog</pre></li> + <li><pre>cat /etc/examples/pf.conf</pre></li> </ul> <p>What I will share, is as simple a config I use to block everything and just allow what I need. I have used more complex rulesets when using unbound(8) or vmm(4).</p> <p><i>Advice: be careful if you are adjusting pf rules for a server you only have remote access to. ie, apply changes temporarily while working, with a reboot script set in the not too distant future</i></p> -<code> +<pre> #/etc/pf.conf @@ -47,7 +47,7 @@ pass out on $ext_if proto udp all pass in on $ext_if proto tcp from any to any port $web_ports pass in on $ext_if proto tcp from any to any port $ssh_port -</code> +</pre> <p>For logging, there is an example on how to use tcpdump(8) in the pflog(4) man page. Blocking everything and then monitoring while testing out applications has worked well for me.</p>