■掲示板に戻る■ 全部 1- 最新50

あなたのipfw見せてください。

1 :名無しさん@お腹いっぱい。 :02/04/04 16:02
色々な書籍やwebに設定例が載っていますが、
他人のipfwを見てみたいと思った事はないですか?
みんなで公表して、みんなで添削しちゃいましょう。
IPFW="/sbin/ipfw"
ALLOW="allow log"
DENY="deny log"
ipfw -q -f flush
${IPFW} 100 add ${ALLOW} icmp from any to any
${IPFW} 200 add ${ALLOW} ip from any to any via lo0
${IPFW} 300 add ${DENY} ip from any to any via tun0 frag
${IPFW} 400 add ${ALLOW} ip from 192.168.1.0/24 to any via ed0
${IPFW} 410 add ${ALLOW} ip from any to 192.168.1.0/24 via ed0
${IPFW} 500 add ${DENY} ip from 192.168.1.0/24 to any recv tun0
${IPFW} 510 add ${DENY} ip from 127.0.0.1 to any recv tun0
${IPFW} 520 add ${DENY} ip from any to 127.0.0.0/8
${IPFW} 530 add ${DENY} ip from 127.0.0.0/8 to any
${IPFW} 600 add ${DENY} tcp from any 137-139,445 to any
${IPFW} 610 add ${DENY} udp from any 137-139,445 to any
${IPFW} 620 add ${DENY} tcp from any to any 137-139,445
${IPFW} 630 add ${DENY} udp from any to any 137-139,445
${IPFW} 900 add divert 8668 ip from any to any via tun0
${IPFW} 1000 add ${ALLOW} tcp from any to any established
${IPFW} 1010 add ${ALLOW} ip from any to any out via tun0
${IPFW} 1300 add ${ALLOW} udp from any to any 53
${IPFW} 1310 add ${ALLOW} udp from any 53 to any
${IPFW} 1400 add ${ALLOW} tcp from any to 192.168.1.10 80 setup
${IPFW} 1410 add ${ALLOW} tcp from any to 192.168.1.10 443 setup
${IPFW} 1500 add ${ALLOW} tcp from any to 192.168.1.10 25 setup
${IPFW} 1600 add ${ALLOW} udp from any 123 to any
${IPFW} 1700 add ${ALLOW} udp from any 161 to any
${IPFW} 1800 add ${ALLOW} tcp from any to 192.168.1.10 110 setup
${IPFW} 1900 add ${ALLOW} tcp from any to 192.168.1.10 20 setup
${IPFW} 1910 add ${ALLOW} udp from any to 192.168.1.10 20
${IPFW} 1920 add ${ALLOW} tcp from any to 192.168.1.10 21 setup
${IPFW} 1930 add ${ALLOW} udp from any to 192.168.1.10 21
${IPFW} 1940 add ${ALLOW} tcp from any to 192.168.1.10 7000-7500
${IPFW} 1950 add ${ALLOW} udp from any to 192.168.1.10 7000-7500
${IPFW} 2000 add ${ALLOW} udp from any 4000 to any in recv tun0
${IPFW} 2100 add ${ALLOW} tcp from any to 192.168.1.10 22 setup
${IPFW} 9900 add ${DENY} tcp from any to any
${IPFW} 20000 add ${ALLOW} udp from any to any keep-state out via tun0
${IPFW} 20010 add check-state
${IPFW} 20020 add ${DENY} udp from any to any
です。
おてやわらかに。





新着レスの表示
掲示板に戻る 全部 前100 次100 最新50
名前: E-mail (省略可) :

read.cgi ver5.26+ (01/10/21-)