PF keywords return-icmp & return-rst?

Murus
Post Reply
shields
Posts: 3
Joined: Fri Nov 06, 2015 4:32 am

PF keywords return-icmp & return-rst?

Post by shields » Sat Dec 05, 2015 8:12 am

I have been teaching myself PF (using Firewall Builder) as part of migrating the IPTABLES firewall currently running on an old Linux box to a much newer Mac Mini.

I recently discovered Murus, and so far I like it much better than Firewall Builder as a frontend to PF under OS X. However, there are some custom block rules that I'd like to include from the IPTABLES firewall functionality that need the "return-icmp" keyword, which isn't (apparently) supported at the moment.

Any chance that "block return-icmp" (and "block return-rst") will show up as options in the custom rule Action menu in the near future?

hany
Posts: 479
Joined: Wed Dec 10, 2014 5:20 pm

Re: PF keywords return-icmp & return-rst?

Post by hany » Sat Dec 05, 2015 6:51 pm

I have never used such actions on OS X's pf.
With Murus Pro you can add custom rules using whatever pf syntax, provided that current OS X's pf supports it.
Murus custom rules popup menus are somehow limited, they show only the most common actions/options, for sake of simplicity. But you can issue a custom manual rule, just click the big gear button on right-bottom of custom rules popover view.

shields
Posts: 3
Joined: Fri Nov 06, 2015 4:32 am

Re: PF keywords return-icmp & return-rst?

Post by shields » Mon Dec 07, 2015 5:58 pm

I wasn't aware of that manual-ation option ... that solves my immediate problem nicely.

hany
Posts: 479
Joined: Wed Dec 10, 2014 5:20 pm

Re: PF keywords return-icmp & return-rst?

Post by hany » Tue Dec 08, 2015 1:22 am

:ugeek:

Post Reply