PF firewall equivalent of iptables command
I have configured apache in the conf file to work with user: apachez group: groupz.
To block outbound requests by the apache user (to stop naughty behavior RE wget/scripts from external sites) using iptables you would do something like:
iptables -A OUTPUT -m owner --uid-owner apachez -p tcp --dport 80 -j DROP
iptables -A OUTPUT -m owner --uid-owner apachez -p tcp --dport 443 -j DROP
I am not sure whether this should be using --dport (destination port) or --sport (source port) - I am fairly new to this.
However, I need to do this in the PF (packet filter) firewall not iptables.
Could someone please advise the command line(s) that would do the above in PF?
Last edited by tontoOz; 02-06-2013 at 04:23 PM.
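An added example, not part of the original post: a pf.conf fragment that expresses the same egress restriction using PF's `user` match. It assumes the ruleset lives in /etc/pf.conf and that the account name is apachez as in the post.

```pf
# /etc/pf.conf fragment (added example; account name apachez taken from the post)
#
# Destination port is the field to match: the remote web server listens on
# 80/443, while the local side of an outbound connection uses an ephemeral
# source port. This corresponds to --dport in the iptables rules.
#
# "user" matches the owner of the local socket, so it only applies to
# TCP/UDP traffic that originates from or terminates at this host.
#
# PF evaluates rules last-match-wins; "quick" stops evaluation here so a
# later "pass out" rule cannot override the block. "log" sends matching
# packets to the pflog interface so blocked attempts can be reviewed.
block out log quick proto tcp from any to any port { 80, 443 } user apachez

# Replies to inbound requests served by Apache are not affected: they match
# the state created by the inbound pass rule and skip ruleset evaluation.
#
# Check syntax without loading:   pfctl -nf /etc/pf.conf
# Load the ruleset:               pfctl -f /etc/pf.conf
# Show the loaded rules:          pfctl -sr
```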