Hi
I have recently moved to FreeBSD from Slack (on the server) and pf looks a bit out of my depth. It looks easy enough, but not easy enough for me.
[HTML]#!/bin/bash
iptables -F INPUT
iptables -P INPUT DROP
iptables -F OUTPUT
iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
#iptables -A INPUT -i lo -j ACCEPT
#iptables -A INPUT -p tcp --dport 443 -j ACCEPT
#iptables -A INPUT -p tcp --dport 80 -j ACCEPT
#iptables -A INPUT -p tcp --dport 2010 -j ACCEPT
#iptables -A INPUT -p tcp --dport 9000:9200 -j ACCEPT
iptables -A INPUT -p tcp -s 192.168.1.2 -j ACCEPT
iptables -A INPUT -p tcp -s 192.168.1.3 -j ACCEPT
iptables -A INPUT -p tcp -s 192.168.1.4 -j ACCEPT
iptables -A INPUT -p tcp -s 192.168.1.5 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp -s 12.34.56.78 --dport 80 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp -s 15.16.17.18 --dport 80 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp -s 34.24.32.18 --dport 80 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp -s 12.34.56.78 --dport 443 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp -s 15.16.17.18 --dport 443 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp -s 34.24.32.18 --dport 443 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp -s 12.34.56.78 --dport 2010 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp -s 15.16.17.18 --dport 2010 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp -s 34.24.32.18 --dport 2010 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp -s 12.34.56.78 --dport 9000:9200 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp -s 15.16.17.18 --dport 9000:9200 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp -s 34.24.32.18 --dport 9000:9200 -j ACCEPT[/HTML]
is what iptables looks like on Slackware, and it seems to work. What I am after is how I would need to convert this to pf, so that I would have the same security as I did on Linux. I require pf to be able to allow IPs and DNS names for the rules above. I have googled for OpenBSD pf and the FAQ page I found is rather informative, but no matter how many times I re-read the pages I just can't seem to get it to make sense.
Thanks for any help
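
One way the iptables script above maps onto a pf ruleset, as an added example that is not part of the original post. The interface name `em0` and the hostname `host.example.org` are assumptions or placeholders; the addresses and ports are the ones from the script.

```pf
# /etc/pf.conf (added example, not from the original post)

# Assumption: eth0 does not exist on FreeBSD. Use the NIC name that
# ifconfig reports (em0 is only a placeholder here).
ext_if = "em0"

# Ports from the script; 9000:9200 is an inclusive range in pf as well.
tcp_services = "{ 80, 443, 2010, 9000:9200 }"

# The four "-s 192.168.1.x -j ACCEPT" rules: any TCP port, any interface.
table <lan_hosts> const { 192.168.1.2, 192.168.1.3, 192.168.1.4, 192.168.1.5 }

# The three remote sources that are limited to the service ports.
table <trusted> const { 12.34.56.78, 15.16.17.18, 34.24.32.18 }
# A DNS name can sit in a table beside addresses, for example:
#   table <trusted> const { 12.34.56.78, host.example.org }
# (host.example.org is a placeholder). pfctl resolves the name once, when
# the ruleset is loaded, so a later DNS change needs a reload to take effect.

# Mirrors the commented-out "-i lo -j ACCEPT" line; uncomment to exempt
# loopback from filtering entirely.
#set skip on lo0

# iptables -P INPUT DROP: silently drop inbound traffic by default.
# pf uses the last matching rule, so the pass rules below override this.
block drop in all

# OUTPUT is left open in the script. "keep state" lets the replies back
# in, which is what the ESTABLISHED,RELATED rule did on Linux.
pass out all keep state

# LAN hosts: all TCP, no interface restriction (as in the script).
pass in proto tcp from <lan_hosts> to any keep state

# Remote hosts: only the listed ports, only on the external interface.
pass in on $ext_if proto tcp from <trusted> to any port $tcp_services keep state
```

`pfctl -nf /etc/pf.conf` parses the file without loading it, which catches syntax errors before the ruleset is applied with `pfctl -f /etc/pf.conf`.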