Jump to content
Not connected, Your IP: 18.188.96.17
Sign in to follow this  
jessez

Block Traffic - VPN disconnect MacLion pf Only

Recommended Posts

Ahh, viscosity. Looked at it a while ago and forgot about it. Seems like a more polished app than Tunnelblick - though that's not hard.

Building support for Viscosity into the script(s) now - it takes virtually the same applescript syntax as tunnelblick. Have to handle a couple issues regarding kext conflict, but that's good control regardless. Also adding a load/flush of pf.conf rules. Fun fun. Will probably dump this up on github or similar so as to not clutter up the forum.

Of course, I may be the only person using this <grin>

Share this post


Link to post

I typed in a long reply on how to use IceFloor to allow additional services and devices on the local network, but the forum logged me out before I posted, so I'll have to give you the short version again (for ergolon).

Open IceFloor, open Advanced Options, open PF Rules tree and Configuration Editor. Open Advanced Filtering for adding local devices/services. Help buttons useful. Back up (jessez's) text from, pf.conf and save for later.

In Advanced filtering pane enter network addresses and services. Eg afp (apple file sharing):

port 548, protocol tcp, allowed IP list (192.168.x.xx)

port 548, protocol udp, allowed IP list (192.168.x.xx)

I clicked on Enter PF firewall and install boot scripts which overwrote pf.conf, but also provided a couple of lines in 800.icefloor.advanced, which I then pasted in via configuration editor for pf.conf, along with jessez's code.

Share this post


Link to post
Guest ergolon

Wow, thanks a lot, adamgrab... I´ll try that (soon)!

Sorry for answering so late... it´s been a busy time.

Share this post


Link to post

Ok this all goes WAAAAY about my head. I managed to setup an IPFW but i've now decided after reading and much deliberation PF is far superior and I'd like to prevent leakage with that.

I am running a mac osx 10.8.2 with viscosity as my client to connect to airvpn.

Would anyone be willing to give me guidance (step by step).

much appreciated

Share this post


Link to post

Hi, i am using PF frontend IceFloor in OS X mountain lion, i have configured all my rules, but i want to add: route all traffic over airvpn servers, i have noticed there are so many option to edit/add rules, tables, anchors; i am so confused, i don t know where to add or load configurations or rulesets, please could some one help me?


Thanks in Advance, sorry for the google translation

Share this post


Link to post

Hi adamgrab


Could you please tell me, what is the best way to add jessez's ruleset, to PF IceFloor? I am very confused, IceFloor has too many options,  and i don't want to mess up things


Thank you very much in advance

adamgrab, on 19 Oct 2012 - 11:36, said:

I typed in a long reply on how to use IceFloor to allow additional services and devices on the local network, but the forum logged me out before I posted, so I'll have to give you the short version again (for ergolon).

Open IceFloor, open Advanced Options, open PF Rules tree and Configuration Editor. Open Advanced Filtering for adding local devices/services. Help buttons useful. Back up (jessez's) text from, pf.conf and save for later.

In Advanced filtering pane enter network addresses and services. Eg afp (apple file sharing):
port 548, protocol tcp, allowed IP list (192.168.x.xx)
port 548, protocol udp, allowed IP list (192.168.x.xx)

I clicked on Enter PF firewall and install boot scripts which overwrote pf.conf, but also provided a couple of lines in 800.icefloor.advanced, which I then pasted in via configuration editor for pf.conf, along with jessez's code.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  

×
×
  • Create New...