Differences

This shows you the differences between two versions of the page.

--- openbsd [2023/06/23 11:39] – [Firewall PF] maja
+++ openbsd [2023/06/23 11:41] (current) – reorder maja
@@ Line 65: / Line 65: @@
 </code>
 eg; to stop the web-server's httpd daemon ''rcctl stop httpd''
-==== Firewall PF ====
-PF is a super firewall, there is a good doco available in the [[https://www.openbsd.org/faq/pf/index.html|FAQ]] section\\
-main file is the ''/etc/pf.conf'' and by default everything in is blocked and everything out allowed.\\
-''pfctl'' is the main command to interact with pf. including viewing and modifying config on the fly.\\
-''pftop'' is a additional package, and is a top-like cli tool to monitor pf live\\
-.247.203.105
-<code>
-$ doas pfctl -t ssh-abuse -Ts | wc -l
-</code>
 ==== SSHD ====
 OpenBSD team long ago forked SSH and created their own version, and probably their best known project. it's so good its now the de-facto variant installed on most other OS's.\\
@@ Line 110: / Line 101: @@
 $ grep negotiate /var/log/authlog | wc -l
 </code>
+==== Firewall PF ====
+PF is a super firewall, there is a good doco available in the [[https://www.openbsd.org/faq/pf/index.html|FAQ]] section\\
+main file is the ''/etc/pf.conf'' and by default everything in is blocked and everything out allowed.\\
+''pfctl'' is the main command to interact with pf. including viewing and modifying config on the fly.\\
+''pftop'' is a additional package, and is a top-like cli tool to monitor pf live\\
+\\
 Combine SSH and PF and you'll passively discard a lot
 <file text pf.conf>
@@ Line 121: / Line 117: @@
          overload <ssh-abuse> flush global)
 </file>
+<code>
+$ doas pfctl -t ssh-abuse -Ts | wc -l
+</code>
 ==== Spamd ====
 SpamD can is a 'spam deferral daemon' which runs in white/grey/black modes.\\