Page 1 of 1

PF keywords return-icmp & return-rst?

Posted: Sat Dec 05, 2015 8:12 am
by shields
I have been teaching myself PF (using Firewall Builder) as part of migrating the IPTABLES firewall currently running on an old Linux box to a much newer Mac Mini.

I recently discovered Murus, and so far I like it much better than Firewall Builder as a frontend to PF under OS X. However, there are some custom block rules that I'd like to include from the IPTABLES firewall functionality that need the "return-icmp" keyword, which isn't (apparently) supported at the moment.

Any chance that "block return-icmp" (and "block return-rst") will show up as options in the custom rule Action menu in the near future?

Re: PF keywords return-icmp & return-rst?

Posted: Sat Dec 05, 2015 6:51 pm
by hany
I have never used such actions on OS X's pf.
With Murus Pro you can add custom rules using whatever pf syntax, provided that current OS X's pf supports it.
Murus custom rules popup menus are somehow limited, they show only the most common actions/options, for sake of simplicity. But you can issue a custom manual rule, just click the big gear button on right-bottom of custom rules popover view.

Re: PF keywords return-icmp & return-rst?

Posted: Mon Dec 07, 2015 5:58 pm
by shields
I wasn't aware of that manual-ation option ... that solves my immediate problem nicely.

Re: PF keywords return-icmp & return-rst?

Posted: Tue Dec 08, 2015 1:22 am
by hany
:ugeek: