Update pf.conf

freebsd/resources/pf/pf.conf

@@ -1,14 +1,21 @@
+#ext_if="em0"
 set skip on lo0
 scrub in all
 
 antispoof for lo0
 table <fail2ban> persist
+table <pf-block> persist file "/etc/pf-block.conf"
+table <pf-pass> persist file "/etc/pf-pass.conf"
+pass in quick from <pf-pass> to any keep state
 
 pass out quick all
 pass quick on lo0 all
 
 block in all
 block in quick from <fail2ban>
+block in quick from <pf-block>
+#antispoof quick for $ext_if
+
 pass in quick inet proto icmp all
 pass in quick inet6 proto icmp6 all
 
@@ -16,9 +23,7 @@ pass in quick inet proto tcp from any to any port 22 keep state
 pass in quick inet proto tcp from any to any port 80 keep state
 pass in quick inet proto tcp from any to any port 443 keep state
 pass in quick inet proto tcp from any to any port 7443 keep state
-pass in quick inet proto tcp from any to any port 5060 keep state
-pass in quick inet proto udp from any to any port 5060 keep state
-pass in quick inet proto tcp from any to any port 5080 keep state
-pass in quick inet proto udp from any to any port 5080 keep state
+pass in quick inet proto tcp from any to any port 5060:5091 keep state
+pass in quick inet proto udp from any to any port 5060:5091 keep state
 pass in quick inet proto udp from any to any port 16384:32768 keep state