Re: [BSD] ipfw - monitorozás
Sebestyén Gábor
gabor.sebestyen at freemail.hu
2002. Dec. 9., H, 14:56:12 CET
Voilá!
00100 deny ip from 10.0.0.0/24 to any in recv ed0
00200 deny ip from 10.0.1.0/24 to any in recv ed0
00300 deny ip from 80.98.10.0/23 to any in recv rl0
00400 deny ip from 80.98.10.0/23 to any in recv dc0
00500 deny ip from any to 10.0.0.0/8 via ed0
00600 deny ip from any to 172.16.0.0/12 via ed0
00700 deny ip from any to 192.168.0.0/16 via ed0
00800 deny ip from any to 0.0.0.0/8 via ed0
00900 deny ip from any to 169.254.0.0/16 via ed0
01000 deny ip from any to 192.0.2.0/24 via ed0
01100 deny ip from any to 224.0.0.0/4 via ed0
01200 deny ip from any to 240.0.0.0/4 via ed0
01300 divert 8668 ip from any to any via ed0
01400 deny ip from 10.0.0.0/8 to any via ed0
01500 deny ip from 172.16.0.0/12 to any via ed0
01600 deny ip from 192.168.0.0/16 to any via ed0
01700 deny ip from 0.0.0.0/8 to any via ed0
01800 deny ip from 169.254.0.0/16 to any via ed0
01900 deny ip from 192.0.2.0/24 to any via ed0
02000 deny ip from 224.0.0.0/4 to any via ed0
02100 deny ip from 240.0.0.0/4 to any via ed0
02101 deny tcp from any to any 2234
02102 deny tcp from any to any 5534
02103 deny tcp from any to any 2232
02104 deny tcp from any to any 5535
02105 deny tcp from any 5534 to any
02106 deny tcp from any 2234 to any
02107 deny tcp from any 2242 to any
02200 allow tcp from any to any established
02300 allow ip from any to any frag
02400 allow tcp from any to 80.98.10.39 25 setup
02500 allow tcp from any to 80.98.10.39 53 setup
02600 allow udp from any to 80.98.10.39 53
02700 allow udp from 80.98.10.39 53 to any
02800 allow tcp from any to 10.0.0.1 53 setup
02900 allow udp from any to 10.0.0.1 53
03000 allow udp from 10.0.0.1 to any
03100 allow tcp from any to 10.0.1.1 53 setup
03200 allow udp from any to 10.0.1.1 53
03300 allow udp from 10.0.1.1 to any
03400 allow tcp from any to 127.0.0.1 53 setup
03500 allow udp from any to 127.0.0.1 53
03600 allow udp from 127.0.0.1 to any
03700 allow tcp from any to 80.98.10.39 22 setup
03800 allow tcp from any to 80.98.10.39 25 setup
03900 allow icmp from any to any
04000 deny log tcp from any to any in recv ed0 setup
04100 allow tcp from any to any setup
04200 allow udp from 80.98.10.39 to any 53 keep-state
04300 allow udp from any to any
04400 allow ip from any to any via rl0
04500 allow ip from any to any via dc0
04600 allow tcp from any to 80.98.10.39 389 via ed0
04700 allow tcp from any to 80.98.10.39 522 via ed0
04800 allow tcp from any to 80.98.10.39 1503 via ed0
04900 allow tcp from any to 80.98.10.39 1720 via ed0
05000 allow tcp from any to 80.98.10.39 1731 via ed0
05100 allow udp from any to 80.98.10.39 1024-65535 via ed0
05200 allow udp from 80.98.10.39 to any 123 keep-state
65535 deny ip from any to any
További információk a(z) BSD levelezőlistáról