PF Firewall

I would like to tell my BSD-based PF firewall to flush out the current configuration every 2 minutes. This will help me when I'm testing new rules and configuration options.

Tutorial details
Difficulty level: Easy
Root privileges: Yes
Requirements: *BSD+pf
Est. reading time: 1m

Sometimes I find myself locked out of my own remote server. How do I reset the PF firewall automatically without issuing a hard reboot?

I have an SSH gateway behind my NAT firewall, so all users must first log in to my gateway host from the internet and then log in to other machines on the LAN. This works great for CLI-based apps. However, a few users would like to run X apps from internal LAN hosts, tunnel the X display through the intermediate SSH gateway, and display the output back on their local system. For example, from the local system, a user makes the connections as follows:

ssh -X user@gateway.example.com
ssh -X user@somelan.example.com

X forwarding fails with an error:

Error: Can’t open display:

How do I fix this problem and allow users to use X apps with my intermediate Linux / BSD gateway?

I have a FreeBSD 7.x server with 3 jails configured to run mail, web and MySQL services. My FreeBSD box has two network interfaces. The first interface is connected to the LAN and the other is directly connected to the Internet via a public IP. My DNS servers are hosted on a private network (LAN). A FreeBSD 7.x jail only supports one interface and one IP address. How do I configure a jail (FreeBSD vps) to access my DNS servers hosted inside my LAN using the PF firewall?