# Edit your /etc/pf/pf.conf
# If you are connected via ssh, make sure you allow connection to your ssh port!
vi /etc/pf/pf.conf

# Enable pf on your system
sysrc pf_enable="YES"
sysrc pf_rules="/etc/pf/pf.conf"

#  Start pf service/daemon
# If you are connected via SSH, you may be disconnected
service pf start

# Reload pf config if you make more changes to pf.conf
service pf reload

# To add an IP to the weblimit table
# This blocks one IP
# No need to reload pf if you add/remove from tables already defined in pf
pfctl -P -t weblimit -T add 192.168.0.253

# To add a subnet to the weblimit table
# This blocks all 192.168.0.* IPs
pfctl -P -t weblimit -T add 192.168.0.0/24

# To see what's in the table
pfctl -P -t weblimit -T show

# To save the table to disk (so it persists on reboot)
pfctl -P -t weblimit -T show >"/etc/pf/weblimit.table"

# To clear the table
pfctl -P -t weblimit -T expire 0
