Re: [freebsd] ipf ve no rules!

[Serhat Selahattin Umar]

Merhaba, Evet simdi rule setinde hangi rula lara match ettigi acikca görünüyor, ben bir problem göremedim. Mesela bu kurala firewall üzerinden gecen paketler 6 kez takilmis, 6 block out log quick on fxp0 proto tcp from any to any port = 1214 ayrica block kurallarindan sonra izin verdiginiz kurala da 95219 kez pass etmis... 95219 pass out on fxp0 from any to any Tavsiye olarak firewall rule yazarken önce herseyi kapatip daha sonra gereken port ve hostlara yetkiler vermek daha mantikli olur kanaatindeyim,  sayin Murat Balaban'in ipfilter howto sunu okudunuzmu? Selamlar, Serhat Mesut GÜLNAZ wrote: su-2.05b# ipfstat -hio 40812 pass out quick on lo0 from any to any 0 block out log quick on fxp0 proto tcp from any to any port = 135 0 block out log quick on fxp0 proto tcp from any to any port = 137 0 block out log quick on fxp0 proto tcp from any to any port = 138 0 block out log quick on fxp0 proto tcp from any to any port = 139 0 block out log quick on fxp0 proto tcp from any to any port = 445 0 block out log quick on fxp0 proto tcp from any to any port = 707 6 block out log quick on fxp0 proto tcp from any to any port = 1214 0 block out log quick on fxp0 proto tcp from any to any port = 4829 0 pass out log quick on fxp0 proto tcp from 172.16.0.5/32 to any port 4659 >< 4713 flags S/FSRPAU keep state 13 block out log quick on fxp0 proto tcp from any to any port 4659 >< 4713 95219 pass out on fxp0 from any to any 40812 pass in quick on lo0 from any to any 0 block in log quick on fxp0 proto tcp from any to any port = 135 0 block in log quick on fxp0 proto tcp from any to any port = 137 0 block in log quick on fxp0 proto tcp from any to any port = 138 0 block in log quick on fxp0 proto tcp from any to any port = 139 612387 block in log quick on fxp0 proto tcp from any to any port = 445 0 block in log quick on fxp0 proto tcp from any to any port = 707 0 block in log quick on fxp0 proto tcp from any to any port = 1214 0 block in log quick on fxp0 proto tcp from any to any port = 4829 0 pass in log quick on fxp0 proto tcp from 172.16.0.5/32 to any port 4659 >< 4713 flags S/FSRPAU keep state 0 block in log quick on fxp0 proto tcp from any to any port 4659 >< 4713 74668 pass in on fxp0 from any to any su-2.05b# --------------------------------------------------------------------- Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. http://www.acikkod.com/freebsd.php To unsubscribe, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org ve http://www.mail-archive.com/[EMAIL PROTECTED]