Yardımlarınızdan dolayi cok tesekkurederim arkadaslar ....
---------- Forwarded message ----------
From: Arda bozkurt <[EMAIL PROTECTED]>
Date: Apr 5, 2008 4:55 PM
Subject: Re: Fwd: [FreeBSD] ipfw ve kurallar...
To: freebsd@lists.enderunix.org
diger ip adreslerinide ayni sekilde kullanabilirsin mesela
ext_ip2="10.0.0.21"
ext_ip3="10.0.0.22"
gibi
disardan makinenin pinglenmesi normal
pass in quick on $ext_if inet proto icmp from any to $ext_ip keep state
bu kurali
block in quick on $ext_if inet proto icmp from any to $ext_ip keep state
seklinde degistirirsen sorununu halletmis olursun
iyi calismalar
Arda
2008/4/5 Sinan <[EMAIL PROTECTED]>:
>
> Arkadaslar portlar erisilebiliyor su anlik sıkıntım su , makinede 4
> tane daha ip adresi var asagıdada gordugunuz gibi bitane ip eklenebiliyor
> bu 4 ip yide bu kurallari kullansin nasil derim yani diğer 4 ip yide buna
> dahil etmek istiyorum ikinci sorun ping halen atilabilmesi makineme ping
> cekiklmesini istemiyorum, pf.conf asaya pasteledim cok tesekkurler
> saygilar...
>
>
>
>
> ext_if="le0"
>
> ext_ip="10.0.0.20"
>
> scrub in all
> pass quick on lo0 keep state
> pass in quick on $ext_if inet proto icmp from any to $ext_ip keep state
> pass in quick on $ext_if inet proto tcp from any to $ext_ip port {22, 80}
> keep state flags S/SA
>
> pass in quick on $ext_if inet proto tcp from any to $ext_ip port = 53 keep
> state flags S/SA
> pass in quick on $ext_if inet proto udp from any to $ext_ip port = 53 keep
> state
> pass out quick on $ext_if inet proto tcp all modulate state flags S/SA
> pass out quick on $ext_if inet proto { udp, icmp } all keep state
> block in quick all
> block out quick all
>
>
>
>
>
>
>
>
>
>
