Validating Traffic Flow
Validating a firewall configuration involves tests in a number of areas,
such as a fundamental review of the firewall ruleset, performance throughput,
and validation that traffic flows as expected (and, where possible, is
prevented where expected).
- Firewall Ruleset Review
* pfctl
- Performance / Throughput
* tcpbench from base
* tcpblast from ports/benchmarks
- Traffic Flow
* netcat from base
* route, arp tables
* tcpdump
* pflog0
* Interface/CARP-in
* Interface/CARP-out
* source host
* destination host
- nmap from ports/net
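
One way to script the traffic-flow check with netcat from base, as an added example that is not part of the original page: each flow the policy should pass or block is probed and compared with the observed result. The hosts, ports and expectations are constructed placeholders, and the `RUN_CHECKS` variable is a hypothetical switch introduced here.

```shell
#!/bin/sh
# Added example: compare observed TCP reachability with the intended policy.
# Hosts, ports and expectations are constructed placeholders (RFC 5737
# documentation addresses); replace them with flows from your own ruleset.
EXPECTED='
# host         port  expect
192.0.2.10     22    pass
192.0.2.10     80    pass
192.0.2.10     23    block
192.0.2.20     3306  block
'

# probe HOST PORT: succeeds if a TCP connection completes within 3 seconds.
# nc -z connects without sending data; -w sets the timeout. stdin is
# redirected so nc cannot consume the policy lines being read by the loop.
probe() {
    nc -z -w 3 "$1" "$2" </dev/null >/dev/null 2>&1
}

# check_flows: reads "host port expect" lines on stdin, prints one result
# line per flow, and returns the number of mismatches (0 = policy holds).
check_flows() {
    mismatches=0
    while read -r host port expect; do
        case "$host" in ''|'#'*) continue ;; esac   # skip blanks and comments
        if probe "$host" "$port"; then observed=pass; else observed=block; fi
        if [ "$observed" = "$expect" ]; then
            status=OK
        else
            status=MISMATCH
            mismatches=$((mismatches + 1))
        fi
        printf '%-9s %s:%s expected=%s observed=%s\n' \
            "$status" "$host" "$port" "$expect" "$observed"
    done
    return "$mismatches"
}

# RUN_CHECKS is a hypothetical switch for this example: set it to 1 to
# probe the flows listed above from the source host under test.
if [ "${RUN_CHECKS:-0}" = 1 ]; then
    printf '%s\n' "$EXPECTED" | check_flows
fi
```

An observed `block` only means the connection did not complete; it cannot tell a firewall drop from a service that is down, so confirm blocked flows with tcpdump on pflog0 or on the inbound and outbound interfaces.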