IPFilter関連スレッド vol1 (223レス)
IPFilter関連スレッド vol1 http://mevius.5ch.net/test/read.cgi/unix/1041932696/
上
下
前
次
1-
新
通常表示
512バイト分割
レス栞
176: 名無しさん@お腹いっぱい。 [] 04/12/29 21:43:15 ルールは # pfctl -sr scrub in on ng1 all fragment reassemble block return in quick on ng1 from <bann_ip> to any block return in quick on ng1 proto tcp from any to any port = loc-srv block return in quick on ng1 proto tcp from any to any port = netbios-ns block return in quick on ng1 proto tcp from any to any port = netbios-ssn block return in quick on ng1 proto tcp from any to any port = microsoft-ds block return in quick on ng1 proto udp from any to any port = loc-srv block return in quick on ng1 proto udp from any to any port = netbios-ns block return in quick on ng1 proto udp from any to any port = netbios-ssn block return in quick on ng1 proto udp from any to any port = microsoft-ds pass in quick on lo0 all pass in quick on dc1 all pass in all pass out all block return in log on ng1 all pass in log on ng1 inet proto udp from (ng1) to 224.0.0.0/4 pass in on ng1 proto tcp from <office_ip> to (ng1) port = ssh keep state pass out on ng1 proto tcp all keep state pass out on ng1 proto udp all keep state pass out on ng1 proto icmp all keep state block return out on ng1 inet proto udp from any to 224.0.0.0/4 port = 1900 pass in on ng1 inet proto tcp from any to (ng1) user = 62 keep state # pfctl -sn nat on ng1 inet from 192.168.0.0/24 to any -> (ng1) round-robin rdr on dc1 inet proto tcp from any to ! 192.168.0.0/24 port = ftp -> 127.0.0.1 port 8021 と、特に怪しくないはずだけど。pfってまだ駄目? http://mevius.5ch.net/test/read.cgi/unix/1041932696/176
メモ帳
(0/65535文字)
上
下
前
次
1-
新
書
関
写
板
覧
索
設
栞
歴
あと 47 レスあります
スレ情報
赤レス抽出
画像レス抽出
歴の未読スレ
AAサムネイル
Google検索
Wikipedia
ぬこの手
ぬこTOP
0.012s