From 399a6d950c8f7e7a2bda74d621a4f1e78dca3eb0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20M=E4kinen?= <tmakinen@foo.sh>
Date: Thu, 22 Oct 2009 14:39:45 +0300
Subject: [PATCH] Fixed pf.conf template to support OpenBSD 4.6.

---
 firewall/templates/pf.conf.erb | 11 +++--------
 1 file changed, 3 insertions(+), 8 deletions(-)

diff --git a/firewall/templates/pf.conf.erb b/firewall/templates/pf.conf.erb
index 71acd23..f99a46b 100644
--- a/firewall/templates/pf.conf.erb
+++ b/firewall/templates/pf.conf.erb
@@ -1,12 +1,9 @@
-# options
 set block-policy return
 set skip on lo0
 
-# scrub
-scrub in all no-df
-
-# filter rules
-block all
+match in all scrub (no-df)
+block in all
+pass out all
 
 pass in quick inet proto icmp all
 pass in quick inet6 proto icmp6 all
@@ -18,5 +15,3 @@ pass in quick proto <%= rule[1] %><% if rule[3] %> from<%= rule[3] %><% end %> t
 <% firewall_custom.each do |rule| -%>
 <%= rule %>
 <% end -%>
-
-pass out quick all