From fbc4be10ff4649893d6e6626ba48e0862a158c54 Mon Sep 17 00:00:00 2001
From: FusionPBX <markjcrane@gmail.com>
Date: Mon, 25 Mar 2019 22:57:16 -0600
Subject: [PATCH] Update pf.conf

---
 freebsd/resources/pf/pf.conf | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/freebsd/resources/pf/pf.conf b/freebsd/resources/pf/pf.conf
index 6bf7e22..61a8847 100755
--- a/freebsd/resources/pf/pf.conf
+++ b/freebsd/resources/pf/pf.conf
@@ -1,14 +1,21 @@
+#ext_if="em0"
 set skip on lo0
 scrub in all
 
 antispoof for lo0
 table <fail2ban> persist
+table <pf-block> persist file "/etc/pf-block.conf"
+table <pf-pass> persist file "/etc/pf-pass.conf"
+pass in quick from <pf-pass> to any keep state
 
 pass out quick all
 pass quick on lo0 all
 
 block in all
 block in quick from <fail2ban>
+block in quick from <pf-block>
+#antispoof quick for $ext_if
+
 pass in quick inet proto icmp all
 pass in quick inet6 proto icmp6 all
 
@@ -16,9 +23,7 @@ pass in quick inet proto tcp from any to any port 22 keep state
 pass in quick inet proto tcp from any to any port 80 keep state
 pass in quick inet proto tcp from any to any port 443 keep state
 pass in quick inet proto tcp from any to any port 7443 keep state
-pass in quick inet proto tcp from any to any port 5060 keep state
-pass in quick inet proto udp from any to any port 5060 keep state
-pass in quick inet proto tcp from any to any port 5080 keep state
-pass in quick inet proto udp from any to any port 5080 keep state
+pass in quick inet proto tcp from any to any port 5060:5091 keep state
+pass in quick inet proto udp from any to any port 5060:5091 keep state
 pass in quick inet proto udp from any to any port 16384:32768 keep state