FreeDSB -Metin Tipărire

  • FreeBSD, Metin, firewall, firewall rules
  • 140

pentru metin se foloseste ipfw si setarile de mai jos :

 

- vi /etc/rc.conf

 

firewall_enable="YES"

firewall_script="/usr/local/etc/ipfw.rules"

 

- vi /usr/local/etc/ipfw.rules

 

PF="ipfw -q add"

ipfw -q -f flush

 

#loopback

$IPF 10 allow all from any to any via lo0

$IPF 20 deny all from any to 127.0.0.0/8

$IPF 30 deny all from 127.0.0.0/8 to any

$IPF 40 deny tcp from any to any frag

 

# statefull

$IPF 50 check-state

$IPF 60 allow tcp from any to any established

$IPF 70 allow all from any to any out keep-state

 

# SYN

$IPF 102 deny tcp from any to any tcpflags syn,fin

$IPF 104 deny tcp from any to any tcpflags syn,rst

 

# SSH

$IPF 110 allow tcp from 109.197.81.13 to any 22 in

$IPF 120 allow tcp from 109.197.81.13 to any 22 out

- start firewall :

sh /usr/local/etc/ipfw.rules


Răspunsul a fost util?

« înapoi

Powered by WHMCompleteSolution