pf blocks all in/out traffic instead of just the one port I wanted to block

block all
pass in on fxp0 proto tcp from any to any port 22 flags S/SA
pass out on fxp0 proto tcp from any to any port 22 flags S/SA

Please note that you have to change fxp0 to your Ethernet interface name according to your operating system.

Reverse of above:

pass in on fxp0 proto tcp from any to any port < 22 flags S/SA
pass out on fxp0 proto tcp from any to any port < 22 flags S/SA
pass in on fxp0 proto tcp from any to any port > 22 flags S/SA
pass out on fxp0 proto tcp from any to any port > 22 flags S/SA

block in on fxp0 proto tcp from any to any port 22
block out on fxp0 proto tcp from any to any port 22
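As an added illustration (not part of the answer above), here is a small Python evaluator for just the rule shapes used in these two rulesets. It applies pf's last-matching-rule-wins semantics, ignores state tracking entirely, and assumes the interface is named fxp0 as in the answer; it shows that the first ruleset passes only port 22, the second passes everything but port 22, and a rule bound to fxp0 does nothing for packets arriving on a differently named interface.

```python
import re
# Recognises only the rule shapes used in the answer above; anything else is rejected.
RULE_RE = re.compile(
    r"^(pass|block)(?:\s+(in|out))?(?:\s+all)?(?:\s+on\s+(\S+))?"
    r"(?:\s+proto\s+tcp)?(?:\s+from\s+any\s+to\s+any)?"
    r"(?:\s+port\s+([<>]?)\s*(\d+))?(?:\s+flags\s+\S+)?\s*$")

def parse(conf: str) -> list:
    """Turn pf.conf text into (action, direction, iface, (op, port)) tuples."""
    rules = []
    for line in conf.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = RULE_RE.match(line)
        if not m:
            raise ValueError(f"rule not supported by this toy parser: {line!r}")
        action, direction, iface, op, port = m.groups()
        rules.append((action, direction, iface, (op or "=", int(port)) if port else None))
    return rules

def verdict(rules: list, direction: str, iface: str, port: int) -> str:
    """'pass' or 'block' for one TCP packet: the LAST matching rule wins, and a
    packet that matches no rule at all is passed (pf's default)."""
    result = "pass"
    for action, r_dir, r_iface, port_test in rules:
        if (r_dir and r_dir != direction) or (r_iface and r_iface != iface):
            continue
        if port_test:
            op, n = port_test
            if not {"<": port < n, ">": port > n, "=": port == n}[op]:
                continue
        result = action
    return result

# The two rulesets from the answer, copied verbatim.
ONLY_22 = parse("""
block all
pass in on fxp0 proto tcp from any to any port 22 flags S/SA
pass out on fxp0 proto tcp from any to any port 22 flags S/SA
""")
ALL_BUT_22 = parse("""
pass in on fxp0 proto tcp from any to any port < 22 flags S/SA
pass out on fxp0 proto tcp from any to any port < 22 flags S/SA
pass in on fxp0 proto tcp from any to any port > 22 flags S/SA
pass out on fxp0 proto tcp from any to any port > 22 flags S/SA
block in on fxp0 proto tcp from any to any port 22
block out on fxp0 proto tcp from any to any port 22
""")
```

Call `verdict(ALL_BUT_22, "in", "en0", 22)` to see the interface caveat: with every rule bound to fxp0, a packet on en0 matches nothing and is passed.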

Author: sudo

Updated on September 18, 2022

Comments

  • sudo
    sudo over 1 year

    I need to block one incoming port with pf. I'm new to pf, and I can't figure out what I'm doing wrong here.

    Here is my entire rule file, made to block incoming port 22:

    set block-policy drop
    pass in all keep state
    pass out all keep state
    block in proto tcp to port 22

    After I start pf with sudo /sbin/pfctl -e -f /path/to/my/rule/file, all my network traffic is blocked. I try to load a webpage, and it won't load until I do sudo /sbin/pfctl -d to disable pf.

    If I remove the fourth line (block in proto tcp to port 22) from my rule list, nothing is blocked. So what did I do wrong on the fourth line that is causing it to block everything instead of just incoming TCP port 22? All the examples did this similarly.

    If it matters, my OS is OS X 10.8.5.

  • sudo
    sudo over 9 years
    This will block everything except port 22, though. I need to allow everything except port 22.
  • sudo
    sudo over 9 years
    Thanks, it works. I actually did something a little different but equivalent: pass in all then block port 22 the way you did it.