spacepaste

  1.  
  2. #
  3. # Default PF configuration file.
  4. #
  5. # This file contains the main ruleset, which gets automatically loaded
  6. # at startup. PF will not be automatically enabled, however. Instead,
  7. # each component which utilizes PF is responsible for enabling and disabling
  8. # PF via -E and -X as documented in pfctl(8). That will ensure that PF
  9. # is disabled only when the last enable reference is released.
  10. #
  11. # Care must be taken to ensure that the main ruleset does not get flushed,
  12. # as the nested anchors rely on the anchor point defined here. In addition,
  13. # to the anchors loaded by this file, some system services would dynamically
  14. # insert anchors into the main ruleset. These anchors will be added only when
  15. # the system service is used and would removed on termination of the service.
  16. #
  17. # See pf.conf(5) for syntax.
  18. #
  19. #
  20. # com.apple anchor point
  21. #
  22. #scrub-anchor "com.apple/*"
  23. #nat-anchor "com.apple/*"
  24. #rdr-anchor "com.apple/*"
  25. #dummynet-anchor "com.apple/*"
  26. #anchor "com.apple/*"
  27. #load anchor "com.apple" from "/etc/pf.anchors/com.apple"
  28. rdr pass on lo0 proto tcp from en3 to any port 1935 -> 127.0.0.1
  29. pass out route-to lo0 inet proto tcp from en3 to any port 1935 user != 2NDUSER
  30.