Reset PF Firewall Automatically While Testing Configuration With Remote Server Over SSH Session

in Categories , , , , , last updated April 11, 2014

I would like to tell my BSD based PF firewall to flush out the current configuration every 2 minutes. This will help me, when I’m testing a new rules and configuration options. Some time I find myself locked out of my own remote server. How do I reset PF firewall automatically without issuing hard reboot?

Tunneling X Connection Through Intermediate Linux / BSD Gateway

in Categories , , , , , , , , , , , , , , last updated May 7, 2009

I‘ve ssh gateway behind my NAT firewall. So all users must first login to my gateway host from the internet and then login to other machines on the LAN. This works great for cli based apps. However, few users would like to run x apps from internal LAN hosts and tunnel X display through intermediate ssh gateway and display back output on their local system. For example, from localsystem user makes connection as follows:

ssh -X user@gateway.example.com
ssh -X user@somelan.example.com

X forwarding fails with an error:

Error: Can’t open display:

How do I fix this problem and allow users to use X apps with my intermediate Linux / BSD gateway?

FreeBSD Jail Access Private Network Via NAT and PF

in Categories , , last updated May 6, 2017

I‘ve FreeBSD 7.x server with 3 jails are configured to run a mail, web and MySQL services. My FreeBSD box has two network interfaces. First, interface is connected to LAN and other is directly connected to the Internet via public IP. My DNS servers are hosted on private network (LAN). FreeBSD 7.x jail only support one interface and one IP address. How do I configure jail (FreeBSD vps) to access my DNS servers hosted inside my LAN using PF firewall?