diff options
Diffstat (limited to 'content/posts/openbsd-vpn-gateway')
| -rw-r--r-- | content/posts/openbsd-vpn-gateway/index.org | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/content/posts/openbsd-vpn-gateway/index.org b/content/posts/openbsd-vpn-gateway/index.org index e2bcf9b..f77b6f8 100644 --- a/content/posts/openbsd-vpn-gateway/index.org +++ b/content/posts/openbsd-vpn-gateway/index.org @@ -356,4 +356,18 @@ updated. This way pf is always using the IP address currently assigned to the interface, even if it changes. - - =pass out on $vpn_if= Pass packets out on the OpenVPN interface. + - =pass out on $vpn_if= Pass packets out on the VPN tunnel interface + interface. + + After writing new PF rules, we can check our file for syntax errors + before loading it using the =pfctl= command. + + #+BEGIN_SRC shell + doas pfctl -nf /etc/pf.conf + #+END_SRC + + Assuming there are no errors, we can then load the rule set. + + #+BEGIN_SRC shell + dosa pfctl -f /etc/pf.conf + #+END_SRC |