aries/firewall/README.md

# Firewall (pf)
The firewall of choice is pf as it is one of the top performing packet filters for FreeBSD.

## Rules
Since I want this server to be as close a _router replacement_ as possible, I wanted to make adding hosts to a _port forward_ list simple. Since the firewall is NATing from public to private, `rdr` rules are included before the `pass` rules.

## DNS Redirect
I also wanted to ensure that this machine will be the only place that any device on my local network goes to for DNS lookup. To do this, I created a `/etc/pf_public_dns.table` IP table containing the most popular public DNS servers. Any device that tries to connect to one of these servers will get routed to my DNS server (located on the aries as well).
Created README.md 2020-03-18 15:47:57 -04:00			`# Firewall (pf)`
updates, formatting 2020-03-18 15:55:32 -04:00			`The firewall of choice is pf as it is one of the top performing packet filters for FreeBSD.`

			`## Rules`
			Since I want this server to be as close a _router replacement_ as possible, I wanted to make adding hosts to a _port forward_ list simple. Since the firewall is NATing from public to private, `rdr` rules are included before the `pass` rules.

			`## DNS Redirect`
			I also wanted to ensure that this machine will be the only place that any device on my local network goes to for DNS lookup. To do this, I created a `/etc/pf_public_dns.table` IP table containing the most popular public DNS servers. Any device that tries to connect to one of these servers will get routed to my DNS server (located on the aries as well).