--- wikisrc/users/imil/cheatsheet.mdwn	2012/07/25 21:26:34	1.7
+++ wikisrc/users/imil/cheatsheet.mdwn	2012/07/26 11:40:30	1.10
@@ -23,6 +23,7 @@ inet 172.16.0.1 netmask 0xffffffff alias
 
 [[!template  id=programlisting text="""
 $ cat /etc/ifconfig.re0
+up
 !dhcpcd $int
 """]]
 
@@ -52,6 +53,31 @@ media 100baseTX up
 inet6 2001:dead:beef:1::1 prefixlen 64
 """]]
 
+## Very basic pf rules for NAT and firewalling
+
+[[!template  id=programlisting text="""
+$ cat /etc/pf.conf
+ext_if="sip0"
+int_if="re0"
+
+nat on $ext_if from !($ext_if) -> ($ext_if:0)
+
+# allow outgoing traffic (S/A is implied)
+pass out on $ext_if
+# block all incoming traffic
+block in log on $ext_if
+"""]]
+
+## Setup WPA WiFi client
+
+[[!template  id=programlisting text="""
+# wpa_passphrase WPA-WiFi-SSID my-strong-passphrase >> /etc/wpa_supplicant.conf
+$ grep wpa /etc/rc.conf
+wpa_supplicant=YES
+wpa_supplicant_flags="-B -iath0 -c/etc/wpa_supplicant.conf"
+# /etc/rc.d/wpa_supplicant start
+"""]]
+
 ## Upgrade the system with binaries
 
 [[!template  id=programlisting text="""