Validating a firewall configuration involves tests in a number of areas: a fundamental review of the firewall ruleset, performance and throughput, and validation that traffic flows where expected (and, where possible, that it is blocked where expected).

  • Firewall Ruleset Review
    • pfctl
  • Performance / Throughput
    • tcpbench from base
    • tcpblast from ports/benchmarks
  • Traffic Flow
    • netcat from base
    • route, arp tables
    • tcpdump
      • pflog0
      • Interface/CARP-in
      • Interface/CARP-out
      • source host
      • destination host
    • nmap from ports/net
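The traffic-flow checks above mostly come down to reading what pf logged on pflog0 and comparing it with what the ruleset should do. The script below is an added example (not part of the original page) for that step: it parses the text that `tcpdump -n -e -ttt -i pflog0` prints, tallies packets per rule, action, direction and interface, and answers "what did pf do with traffic from host X to Y?" so the answer can be checked against `pfctl -vvsr` (which prints the same `@N` rule numbers). The sample capture, the interface names em0/carp0, the rule numbers and the addresses are all constructed placeholders.

```shell
#!/bin/sh
# Added example: tally and query pflog output when validating pf rules.
# Feed it the text from:  tcpdump -n -e -ttt -i pflog0
# (live, or from the saved log: tcpdump -n -e -ttt -r /var/log/pflog).
# Only rules carrying the "log" keyword appear here; a flow that never shows
# up may simply have matched an unlogged rule, so cross-check with tcpdump on
# the ingress/egress (or CARP) interface and on the source/destination hosts.

# Constructed sample, not a real capture. Interfaces em0/carp0, rule numbers
# and addresses (RFC 5737 documentation ranges) are placeholders.
SAMPLE_PFLOG='Jan 10 12:00:01.000001 rule 3/(match) block in on em0: 203.0.113.5.51234 > 192.0.2.10.22: S 1:1(0) win 65535
Jan 10 12:00:01.000002 rule 3/(match) block in on em0: 203.0.113.5.51235 > 192.0.2.10.23: S 2:2(0) win 65535
Jan 10 12:00:02.000003 rule 7/(match) [uid 0, pid 4242] pass out on carp0: 192.0.2.10.49152 > 198.51.100.20.443: S 3:3(0) win 65535
Jan 10 12:00:03.000004 rule 5/(match) pass in on em0: 198.51.100.30.40000 > 192.0.2.10.443: S 4:4(0) win 65535'

# _pflog_fields: normalise each pflog line on stdin to
#   "RULE ACTION DIR IFACE SRC.PORT DST.PORT"   (non-matching lines are dropped)
_pflog_fields() {
    awk '
    {
        line = $0
        # tcpdump adds "[uid N, pid N] " for locally generated packets; drop it
        sub(/\[uid [0-9]+, pid [0-9]+\] /, "", line)
        if (match(line, /rule [^ ]+\/\(match\) (block|pass|match) (in|out) on [^:]+: [^ ]+ > [^ ]+:/)) {
            s = substr(line, RSTART, RLENGTH)
            split(s, f, " ")
            rule = f[2];  sub(/\/.*/, "", rule)     # "3/(match)" -> "3"
            iface = f[6]; sub(/:$/, "", iface)      # "em0:" -> "em0"
            dst = f[9];   sub(/:$/, "", dst)        # "192.0.2.10.22:" -> "192.0.2.10.22"
            print rule, f[3], f[4], iface, f[7], dst
        }
    }'
}

# pflog_summary: one line per (rule, action, direction, interface) with a count,
# e.g. "rule=3 action=block dir=in if=em0 count=2"
pflog_summary() {
    _pflog_fields | awk '{ k = "rule=" $1 " action=" $2 " dir=" $3 " if=" $4; c[k]++ }
                         END { for (k in c) print k, "count=" c[k] }' | sort
}

# pflog_verdict SRC DST.PORT: the action pf logged for the last packet from SRC
# (any source port) to DST.PORT, or "none" if nothing was logged for that flow
pflog_verdict() {
    _pflog_fields | awk -v src="$1" -v dst="$2" '
        index($5, src ".") == 1 && $6 == dst { v = $2 }
        END { print (v == "" ? "none" : v) }'
}

# Standalone run: summarise the constructed sample and query one flow
printf '%s\n' "$SAMPLE_PFLOG" | pflog_summary
printf 'ssh 203.0.113.5 -> 192.0.2.10.22: %s\n' \
    "$(printf '%s\n' "$SAMPLE_PFLOG" | pflog_verdict 203.0.113.5 192.0.2.10.22)"
```

In use, replace the sample with a live pipe (`tcpdump -n -e -ttt -i pflog0 | ...`) while driving test traffic with netcat from the source host, and compare each verdict with the intended rule in `pfctl -vvsr`; run `pfctl -nf /etc/pf.conf` first so a ruleset that does not even parse is caught before any traffic test. A verdict of "none" is only meaningful for flows the ruleset is supposed to log.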