[pkg] reorder osx helper files

author: Kali Kaneko (leap communications) <kali@leap.se> 2017-06-13 14:40:59 +0200
committer: Kali Kaneko (leap communications) <kali@leap.se> 2017-06-13 14:40:59 +0200
commit: 77b33c49d004d72f58ebcf4cbb95eb87acccbea9 (patch)
tree: 1c4786c22979707b4b544cfdfa4cca32d2a1bd45 /src/leap/bitmask/vpn/helpers/osx/bitmask.pf.conf
parent: c95fe65177519e20348d1156f6c7925ce88cad3a (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/src/leap/bitmask/vpn/helpers/osx/bitmask.pf.conf b/src/leap/bitmask/vpn/helpers/osx/bitmask.pf.conf
new file mode 100644
index 00000000..eb0e858f
--- /dev/null
+++ b/src/leap/bitmask/vpn/helpers/osx/bitmask.pf.conf
@@ -0,0 +1,17 @@
+default_device = "en99"
+
+set block-policy drop
+set skip on lo0
+
+# block all traffic on default device
+block out on $default_device all
+
+# allow traffic to gateways
+pass out on $default_device to <bitmask_gateways>
+
+# allow traffic to local networks over the default device
+pass out on $default_device to $default_device:network
+
+# block all DNS, except to the gateways
+block out proto udp to any port 53
+pass out proto udp to <bitmask_gateways> port 53
author	Kali Kaneko (leap communications) <kali@leap.se>	2017-06-13 14:40:59 +0200
committer	Kali Kaneko (leap communications) <kali@leap.se>	2017-06-13 14:40:59 +0200
commit	77b33c49d004d72f58ebcf4cbb95eb87acccbea9 (patch)
tree	1c4786c22979707b4b544cfdfa4cca32d2a1bd45 /src/leap/bitmask/vpn/helpers/osx/bitmask.pf.conf
parent	c95fe65177519e20348d1156f6c7925ce88cad3a (diff)