indyny

Q: pf firewall and multiple NIC?

Hello Everyone!

As many of you know, laptops have multiple network interfaces.

networksetup -listallhardwareports

Hardware Port: Thunderbolt Ethernet
Device: en3
Ethernet Address: xx:c9:86:3c:a8:xx

Hardware Port: Wi-Fi
Device: en0
Ethernet Address: xx:xx:89:cc:0e:xx

Hardware Port: Thunderbolt 1
Device: en1
Ethernet Address: xx:00:xx:09:76:xx

Hardware Port: Thunderbolt 2
Device: en2
Ethernet Address: xx:00:02:xx:76:xx

My pf firewall rules are:

ETH0="en0"
icmp_types="echoreq"

# ssh access for VPN (4 subnets), Bastion-Host (2 hosts) and sysadmins
table <ssh_access> const { range of IP numbers }
# Remote Desktop access for Sysadmin
table <ard_access> const { range of IP numbers }

set loginterface $ETH0
set skip on lo0
scrub in all no-df
antispoof for $ETH0

block in log
pass out quick keep state
pass in quick log on $ETH0 proto tcp from <ssh_access> to port 22 keep state
pass in quick log on $ETH0 proto tcp from <ard_access> to port 5900 keep state
pass in quick log on $ETH0 proto tcp from <ard_access> to port 3283 keep state
pass in inet proto icmp all icmp-type $icmp_types

These rules seem to only apply to en0. Is there a way to include the other interfaces in my rules?

Thank you all!

iMac, OS X El Capitan (10.11.5)

Posted on Sep 19, 2016 12:33 PM
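One way to cover every interface, written as an added example and not part of the original post: pf accepts a brace-enclosed interface list wherever a single interface name is allowed (the `on` keyword of a rule and the `for` keyword of `antispoof`), and that list can be stored in a macro. The interface names below are the ones from the `networksetup` output above; the two table contents are constructed placeholders that must be replaced with the real VPN, bastion and admin ranges. `set loginterface` is the one exception: it takes exactly one interface, so it stays on en0.

```pf
# Every interface that should get the same inbound policy.
# Whitespace or commas both separate list members in pf.conf.
ext_ifs = "{ en0, en1, en2, en3 }"
icmp_types = "echoreq"

# Constructed placeholder ranges; replace with the real source networks.
table <ssh_access> const { 192.0.2.0/24 }
table <ard_access> const { 198.51.100.10 }

# loginterface accepts a single interface only; counters come from en0.
set loginterface en0
set skip on lo0

scrub in all no-df

# antispoof expands the list to one rule set per interface.
antispoof for $ext_ifs

# Default deny inbound on all interfaces, allow outbound with state.
block in log
pass out quick keep state

# Inbound management: the same rule now matches on en0 through en3.
pass in quick log on $ext_ifs proto tcp from <ssh_access> to port 22 keep state
pass in quick log on $ext_ifs proto tcp from <ard_access> to port { 5900, 3283 } keep state
pass in inet proto icmp all icmp-type $icmp_types
```

Parse-check the file before loading it with `sudo pfctl -nf /etc/pf.conf`, then confirm the expansion with `sudo pfctl -sr`: each rule written `on $ext_ifs` appears once per listed interface. Two practical caveats: a newly plugged USB or Thunderbolt adapter gets a fresh `enX` name that is not in the list, so inbound traffic on it falls to the `block in log` default (safe, but worth knowing when a connection unexpectedly fails); and if the intent is simply "this policy on whatever interface exists", dropping `on $ext_ifs` from the pass rules makes them interface-agnostic, while `antispoof` still needs an explicit interface list because it is built from each interface's configured addresses.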