
Re: pf.conf macro help needed



On Wed, Feb 09, 2005 at 10:56:01AM -0600, J.D. Bronson wrote:
> I have 2 ISPs connected to my OBSD box and use pf:
> 
> RR = "fxp0"
> DSL = "tun0"
> 
> I created rulesets to dump certain windoze junk as such:
> 
> # Block known windows exploits
> block in quick on $DSL proto tcp from any to any port 139
> block in quick on $DSL proto tcp from any to any port 445
> block in quick on $DSL proto tcp from any to any port 69
> block in quick on $RR proto tcp from any to any port 139
> block in quick on $RR proto tcp from any to any port 445
> block in quick on $RR proto tcp from any to any port 69
> 
> Is there any way to create a macro so I don't need to create
> double the rulesets for each ISP?
> 
> Thanks!!
> 
> -- 
> J.D. Bronson
> Aurora Health Care // Information Services // Milwaukee, WI USA
> Office: 414.978.8282 // Email: jd_(_at_)_aurora_(_dot_)_org // Pager: 414.314.8282
> 

Try this macro:

windows_ports = "{ 139, 445, 69 }"

block in quick on $DSL proto tcp from any to any port $windows_ports
block in quick on $RR proto tcp from any to any port $windows_ports
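
An added example, not part of the original reply: the same port macro combined with a second list macro for the two interfaces, so that one rule line covers both ISPs. The name ext_ifs is an assumption; RR, DSL and windows_ports are taken from the thread.

```conf
# Interface macros from the original question
RR  = "fxp0"
DSL = "tun0"

# A macro may be built from other macros; the braces are quoted
# separately so that $RR and $DSL are substituted into the list.
# ext_ifs is a name chosen for this example.
ext_ifs = "{" $RR $DSL "}"

# Port list macro from the reply
windows_ports = "{ 139, 445, 69 }"

# pf expands every list in a rule, so this single line is loaded as
# six rules: 2 interfaces x 3 ports.
block in quick on $ext_ifs proto tcp from any to any port $windows_ports
```

Running pfctl -nvf /etc/pf.conf parses the file without loading it and prints the expanded rules, which shows whether the macros produce the per-interface, per-port rules that were previously written by hand.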


