$Id: README,v 1.1 2002/10/20 19:41:59 haver Exp $ You will probably need OpenBSD-current in order to compile and run rpfcd. Assuming you've downloaded a snapshot, do the following: $ tar zxf rpfcd-VERSION.tar.gz $ cd rpfcd-VERSION edit rpfcd.h and change #define RPFCD_UID to an unprivileged UID you have on your own system. $ make You should now have a rpfcd binary ready. Copy rpfcd.users and cert.pem to /etc/rpfcd/. To run rpfcd (in foreground mode), type $ sudo rpfcd You will be prompted to enter the passphrase to decrypt the private key (found in /etc/rpfcd/cert.pem). Type 'password' and press enter. Open another terminal and use the included simple 'rpfclient' client. If you have Net::SSLeay installed, go ahead and type, $ ./rpfclient 127.0.0.1 2620 If all goes well, you should see something like following: Connecting to 127.0.0.1 on port 2620 SSL connection established (cipher 'DES-CBC3-SHA') Getting pf uptime Authentication required Authenticating (rpfcd:passwor) ... Failed. Authenticating (rpfcd:password) ... Successful. Getting pf uptime Uptime: 0 days 12 hours 30 minutes and 47 seconds Getting counter statistics match 233243, bad-offset 0, fragment 0, short 0, normalize 0 Getting loaded filter rules @0 scrub in all fragment reassemble @1 block out log on xl0 all @2 block in on xl0 all @3 block return-rst out on xl0 proto tcp all @4 block return-rst in log on xl0 proto tcp all @5 block return-icmp out on xl0 proto udp all @6 block return-icmp in on xl0 proto udp all @7 block in log from no-route to any @8 block out log quick on xl0 inet from ! 10.0.3.20 to any @9 block in quick on xl0 inet from any to 255.255.255.255 @10 block in quick on xl0 inet from 127.0.0.1/8 to any @11 block in quick on xl0 inet from 192.168.0.0/16 to any @12 block in quick on xl0 inet from 172.16.0.0/12 to any @13 pass in quick on lo0 all @14 pass out quick on lo0 all @15 pass out on xl0 proto udp all keep state @16 pass out on xl0 proto tcp all modulate state @17 pass out on xl0 inet proto icmp all icmp-type echoreq code 0 keep state @18 pass in on xl0 inet proto icmp all icmp-type echoreq code 0 keep state Terminating connection Done If not, watch the terminal where you started rpfcd for debug/error messages.