SurgeTeam
下面是一些配置内容,我不太懂这些但是看上去好像没有什么特别的,我也没有改过/设置过什么内容
➜ ~ sudo pfctl -s info
Password:
No ALTQ support in kernel
ALTQ related functions disabled
Status: Enabled for 0 days 00:00:29 Debug: Urgent
State Table Total Rate
current entries 12
searches 8938 308.2/s
inserts 12 0.4/s
removals 0 0.0/s
Counters
match 7142 246.3/s
bad-offset 0 0.0/s
fragment 0 0.0/s
short 0 0.0/s
normalize 0 0.0/s
memory 0 0.0/s
bad-timestamp 0 0.0/s
congestion 0 0.0/s
ip-option 2 0.1/s
proto-cksum 0 0.0/s
state-mismatch 0 0.0/s
state-insert 0 0.0/s
state-limit 0 0.0/s
src-limit 0 0.0/s
synproxy 0 0.0/s
dummynet 0 0.0/s
invalid-port 0 0.0/s
➜ ~ sudo cat /etc/pf.conf
#
# Default PF configuration file.
#
# This file contains the main ruleset, which gets automatically loaded
# at startup. PF will not be automatically enabled, however. Instead,
# each component which utilizes PF is responsible for enabling and disabling
# PF via -E and -X as documented in pfctl(8). That will ensure that PF
# is disabled only when the last enable reference is released.
#
# Care must be taken to ensure that the main ruleset does not get flushed,
# as the nested anchors rely on the anchor point defined here. In addition,
# to the anchors loaded by this file, some system services would dynamically
# insert anchors into the main ruleset. These anchors will be added only when
# the system service is used and would removed on termination of the service.
#
# See pf.conf(5) for syntax.
#
#
# com.apple anchor point
#
scrub-anchor "com.apple/*"
nat-anchor "com.apple/*"
rdr-anchor "com.apple/*"
dummynet-anchor "com.apple/*"
anchor "com.apple/*"
load anchor "com.apple" from "/etc/pf.anchors/com.apple"
➜ ~ sudo pfctl -sr
No ALTQ support in kernel
ALTQ related functions disabled
pass out on ! lo0 route-to lo0 inet proto tcp from any to <dohhosts> port = 443 flags S/SA keep state
pass out on ! lo0 route-to lo0 inet proto tcp from any to <ztnahosts> flags S/SA keep state
pass in quick on lo0 reply-to lo0 inet proto tcp from ! 127.0.0.0/8 to any flags S/SA keep state
➜ ~ sudo cat /etc/pf.anchors/com.apple
Password:
#
# com.apple ruleset, referred to by the default /etc/pf.conf file.
# See notes in that file regarding the anchor point in the main ruleset.
#
# Copyright (c) 2011 Apple Inc. All rights reserved.
#
#
# AirDrop anchor point.
#
anchor "200.AirDrop/*"
#
# Application Firewall anchor point.
#
anchor "250.ApplicationFirewall/*"