Merhaba, Kaçtane ethernet kartı var? kurallarda sadece fxp0 gözüküyor.
Pts 04 Eki 2004 19:18 tarihinde, Mesut GÜLNAZ şunları yazmıştı: > bir firewall kurmaya çalıştım. > > kernel e > > options IPFILTER #ipfilter support > options IPFILTER_LOG #ipfilter logging > > desteğini verdim ve ona göre derledim > > rc.conf a > > ipfilter_enable="YES" > ipfilter_program="/sbin/ipf" > ipfilter_rules="/etc/ipf.rules" > ipfilter_flags="-E" > ipfs_enable="YES" > ipmon_enable="YES" > ipmon_program="/sbin/ipmon" > ipmon_flags="-Ds" > ipnat_enable="YES" > ipnat_program="/sbin/ipnat" > ipnat_rules="/etc/ipnat.rules" > ipnat_flags="" > > satırlarını ekledim > > daha sonra > > su-2.05b# ipf -Fa -f /etc/ipf.rules > su-2.05b# > > hata almadım... Ama sorun şu ki çalıştığını pek sanmıyorum! > > su-2.05b# ipf -Fa -f /etc/ipf.rules > su-2.05b# ipftest > no rules loaded > > > VE > > su-2.05b# ipfstat > IPv6 packets: in 0 out 10 > input packets: blocked 0 passed 378 nomatch 144 counted 0 short 0 > output packets: blocked 0 passed 456 nomatch 65 counted 0 short 0 > input packets logged: blocked 0 passed 0 > output packets logged: blocked 0 passed 0 > packets logged: input 0 output 0 > log failures: input 0 output 0 > fragment state(in): kept 0 lost 0 > fragment state(out): kept 0 lost 0 > packet state(in): kept 0 lost 0 > packet state(out): kept 0 lost 0 > ICMP replies: 0 TCP RSTs sent: 0 > Invalid source(in): 0 > Result cache hits(in): 209 (out): 366 > IN Pullups succeeded: 0 failed: 0 > OUT Pullups succeeded: 0 failed: 0 > Fastroute successes: 0 failures: 0 > TCP cksum fails(in): 0 (out): 0 > Packet log flags set: (0) > none > > KURALLAR ise şöyle > > su-2.05b# cat /etc/ipf.rules > pass out quick on lo0 > pass in quick on lo0 > pass in on fxp0 > pass out on fxp0 > block in log quick on fxp0 proto tcp from any to any port = 135 > block in log quick on fxp0 proto tcp from any to any port = 137 > block in log quick on fxp0 proto tcp from any to any port = 138 > block in log quick on fxp0 proto tcp from any to any port = 139 > block in log quick on fxp0 proto tcp from any to any port = 445 > block in log quick on fxp0 proto tcp from any to any port = 707 > block in log quick on fxp0 proto tcp from any to any port = 1214 > block in log quick on fxp0 proto tcp from any to any port = 4829 > block out log quick on fxp0 proto tcp from any to any port = 135 > block out log quick on fxp0 proto tcp from any to any port = 137 > block out log quick on fxp0 proto tcp from any to any port = 138 > block out log quick on fxp0 proto tcp from any to any port = 139 > block out log quick on fxp0 proto tcp from any to any port = 445 > block out log quick on fxp0 proto tcp from any to any port = 707 > block out log quick on fxp0 proto tcp from any to any port = 1214 > block out log quick on fxp0 proto tcp from any to any port = 4829 > pass in log quick on fxp0 proto tcp from xxx.xxx.xxx.xxx to any port 4659 > >< 4713 flags S keep state pass out log quick on fxp0 proto tcp from > xxx.xxx.xxx.xxx to any port 4659 >< 4713 flags S keep state block in log > quick on fxp0 proto tcp from any to any port 4659 >< 4713 block out log > quick on fxp0 proto tcp from any to any port 4659 >< 4713 > > VE > > su-2.05b# ls -l /etc/ipf.rules > -rw-r--r-- 1 root wheel 1448 Oct 4 18:40 /etc/ipf.rules > su-2.05b# > > sorun ne olabilir? > > teşekkürler! --------------------------------------------------------------------- Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. http://www.acikkod.com/freebsd.php To unsubscribe, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org ve http://www.mail-archive.com/[EMAIL PROTECTED]
