diff options
| author | Kali Kaneko <kali@leap.se> | 2016-04-25 21:32:54 -0400 |
|---|---|---|
| committer | Kali Kaneko <kali@leap.se> | 2016-04-25 21:32:54 -0400 |
| commit | 434d0534661d7c222e5dabc4e5e237b060d2212b (patch) | |
| tree | 2e7bf0e556f983bd5404481a9aa4fb0fd7d75778 /pkg/osx/bitmask.pf.conf | |
| parent | 9ee728108f3b894d097206cc6ff6d0a70808f2d5 (diff) | |
| parent | f47416804ad2f88ba27aa032e0d2fc1c9fd314c8 (diff) | |
Merge branch 'develop' into debian/experimental
Diffstat (limited to 'pkg/osx/bitmask.pf.conf')
| -rw-r--r-- | pkg/osx/bitmask.pf.conf | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/pkg/osx/bitmask.pf.conf b/pkg/osx/bitmask.pf.conf new file mode 100644 index 00000000..eb0e858f --- /dev/null +++ b/pkg/osx/bitmask.pf.conf @@ -0,0 +1,17 @@ +default_device = "en99" + +set block-policy drop +set skip on lo0 + +# block all traffic on default device +block out on $default_device all + +# allow traffic to gateways +pass out on $default_device to <bitmask_gateways> + +# allow traffic to local networks over the default device +pass out on $default_device to $default_device:network + +# block all DNS, except to the gateways +block out proto udp to any port 53 +pass out proto udp to <bitmask_gateways> port 53 |