Validating Traffic Flow

Validating a firewall configuration involves tests in a number of areas, such as a fundamental review of the firewall ruleset, performance throughput, and validation that traffic flows as expected (and, where possible, is prevented where expected).

  • Firewall Ruleset Review
      * pfctl
  • Performance / Throughput
      * tcpbench from base
      * tcpblast from ports/benchmarks
  • Traffic Flow
      * netcat from base
      * route, arp tables
      * tcpdump
      * pflog0
      * Interface/CARP-in
      * Interface/CARP-out
      * source host
      * destination host
  • nmap from ports/net
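
One way to script the traffic-flow check with netcat from the source host, as an added example that is not part of the original page. The addresses, ports, the `FLOW_RUN` switch and the function names are constructed for illustration.

```sh
#!/bin/sh
# Added example: check that each flow is passed or blocked as the ruleset intends.
# Run from the source host. Hosts and ports are constructed (RFC 5737 range).

# Expected flows, one per line: <destination> <port> <pass|block>
FLOWS='192.0.2.10 443 pass
192.0.2.10 22 block
192.0.2.20 25 block'

# Default probe: TCP connect with netcat, no data sent, 2-second timeout.
probe_nc() { nc -z -w 2 "$1" "$2" </dev/null >/dev/null 2>&1; }

# PROBE names the function used to test one flow; override it for dry runs.
PROBE=${PROBE:-probe_nc}

# Reads the matrix on stdin, prints one result line per flow, leaves the
# number of disagreeing flows in MISMATCHES and returns 0 only if it is zero.
validate_flows() {
    MISMATCHES=0
    while read -r host port expect; do
        [ -n "$host" ] || continue            # skip blank lines
        if "$PROBE" "$host" "$port"; then seen=pass; else seen=block; fi
        if [ "$seen" = "$expect" ]; then
            echo "OK   $host:$port $seen"
        else
            echo "FAIL $host:$port expected=$expect seen=$seen"
            MISMATCHES=$((MISMATCHES + 1))
        fi
    done
    [ "$MISMATCHES" -eq 0 ]
}

# Run only when asked, so sourcing the file never sends traffic.
if [ "${FLOW_RUN:-0}" = 1 ]; then
    validate_flows <<EOF
$FLOWS
EOF
fi
```

A `block` result only shows that the connection failed from the source host. Confirm on the firewall with tcpdump on pflog0 (for rules that log) that the ruleset, and not a stopped service on the destination host, dropped it.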