/etc/authpf/authpf.rules,
# Services which live on the internal network # and need to be accessible tcp_services = "{ 22, 25, 53, 80, 110, 113, 995 }" udp_services = "{ 53 }" tcp_in = " { 22, 25, 53, 80, 993, 2317, pop3}" udp_in = "{ 53 }" # Pass traffic to elsewhere, that is the outside world pass in on $wi_if inet from <authpf_users> to ! $int_if:network \ keep state # Let authenticated users use services on # the internal network. pass in on $wi_if inet proto tcp from <authpf_users> to $server \ port $tcp_in keep state pass in on $wi_if inet proto udp from <authpf_users> to $server \ port $udp_in keep state # Also pass to external address. This means you can access # internal services on external addesses. pass in on $wi_if inet proto tcp from <authpf_users> to $myaddr \ port $tcp_in keep state pass in on $wi_if inet proto udp from <authpf_users> to $myaddr \ port $udp_in keep state