OpenBSD PacketFilter (PF) firewall

Flush all (nat, filter, queue, state, info, table) rules and reload from the file /etc/pf.conf

pfctl -Fa -f /etc/pf.conf

Disable the packet filter

pfctl -d

Enable the packet filter

pfctl -e

Report on the currently loaded filter ruleset.

pfctl -s rules

Report on the currently loaded nat ruleset.

pfctl -s nat

Report on the currently running state table (very useful).

pfctl -s state

This does not actually load any rules, but allows you to check for errors in the file before you do load the ruleset. This is obviously good for testing.

pfctl -v -n -f /etc/pf.conf