OpenBsd 配置PF防火墙NAT与端口映射

 
int_if = "em0"
ext_if = "em1"
 
scrub in all
 
nat-anchor "ftp-proxy/*"
rdr-anchor "ftp-proxy/*"
nat on $ext_if from $int_if:network to any -> (em1)
rdr on $int_if proto tcp from any to any port 21 -> 127.0.0.1 port 8021
 
block all
pass quick on lo0 all
antispoof quick for $int_if inet
 
anchor "ftp-proxy/*"
pass on $int_if all keep state
pass in quick on $ext_if proto tcp from any to ($ext_if) port 32822 flags S/SA keep state
pass in quick on $ext_if proto tcp from any to ($ext_if) port 80    flags S/SA keep state
pass out on $ext_if proto tcp all modulate state flags S/SA
pass out on $ext_if proto {udp,icmp} all keep state

你可能感兴趣的:(职场,NAT,休闲,端口映射,pf防火墙)