########################
# tcpdump tcp port www #
########################
12:23:56.149316 44.199.41.224.57807 > XXX.XXX.X.XXX.www: S
1731400694:1731400694(0) win
16384
12:23:56.149422 189.51.106.160.64931 > XXX.XXX.X.XXX.www: S
1731400698:1731400698(0) win
16384
12:23:56.149541 193.133.170.224.49847 > XXX.XXX.X.XXX.www: S
1731400701:1731400701(0) win
16384
12:23:56.149574 126.242.168.112.20303 > XXX.XXX.X.XXX.www: S
1731400707:1731400707(0) win
16384
12:23:56.149587 74.225.231.224.30362 > XXX.XXX.X.XXX.www: S
1731400702:1731400702(0) win
16384
12:23:56.149972 113.94.43.0.42092 > XXX.XXX.X.XXX.www: S
1731400723:1731400723(0) win 16384
12:23:56.150051 151.86.43.96.53096 > XXX.XXX.X.XXX.www: S
1731400726:1731400726(0) win
16384
12:23:56.150197 35.104.228.128.64803 > XXX.XXX.X.XXX.www: S
1731400730:1731400730(0) win
16384
12:23:56.150199 207.177.228.192.51134 > XXX.XXX.X.XXX.www: S
1731400731:1731400731(0) win
16384
12:23:56.150318 205.53.104.128.18612 > XXX.XXX.X.XXX.www: S
1731400739:1731400739(0) win
16384
12:23:56.150498 35.170.152.222.3144 > XXX.XXX.X.XXX.www: S
1731400746:1731400746(0) win
16384
12:23:56.150499 214.73.107.0.55561 > XXX.XXX.X.XXX.www: S
1731400752:1731400752(0) win
16384
12:23:56.150580 205.154.108.96.52123 > XXX.XXX.X.XXX.www: S
1731400745:1731400745(0) win
16384
12:23:56.150840 15.94.233.64.47668 > XXX.XXX.X.XXX.www: S
1731400759:1731400759(0) win
16384
12:23:56.150842 132.95.160.192.54369 > XXX.XXX.X.XXX.www: S
1731400757:1731400757(0) win
16384
12:23:56.151033 125.52.110.208.58296 > XXX.XXX.X.XXX.www: S
1731400769:1731400769(0) win
16384
12:23:56.151047 51.157.45.192.22687 > XXX.XXX.X.XXX.www: S
1731400772:1731400772(0) win
16384
12:23:56.151129 66.92.166.64.10063 > XXX.XXX.X.XXX.www: S
1731400776:1731400776(0) win
16384
12:23:56.151130 194.13.36.80.22216 > XXX.XXX.X.XXX.www: S
1731400778:1731400778(0) win
16384
12:23:56.151144 145.62.106.0.6511 > XXX.XXX.X.XXX.www: S
1731400782:1731400782(0) win 16384
12:23:56.151255 140.7.96.240.8282 > XXX.XXX.X.XXX.www: S
1731400785:1731400785(0) win 16384
12:23:56.151532 72.58.103.160.17235 > XXX.XXX.X.XXX.www: S
1731400793:1731400793(0) win
16384
12:23:56.151650 1.132.166.160.2090 > XXX.XXX.X.XXX.www: S
1731400800:1731400800(0) win
16384
12:23:56.151860 27.216.174.160.52066 > XXX.XXX.X.XXX.www: S
1731400804:1731400804(0) win
16384
12:23:56.152015 176.50.43.192.60268 > XXX.XXX.X.XXX.www: S
1731400814:1731400814(0) win
16384
12:23:56.152017 145.19.102.16.6164 > XXX.XXX.X.XXX.www: S
1731400811:1731400811(0) win
16384
12:23:56.152031 12.40.168.32.23147 > XXX.XXX.X.XXX.www: S 1731400818^C
1588327 packets received by filter ----->only 5 min!!!!!!!!!
1320697 packets dropped by kernel
################
# /etc/pf.conf #
################
ext_if=\"fxp0\"
int_if=\"rl0\"
web_server=\"192.168.0.1\"
pcanywhere_port=\"5631\"
sql=\"1433\"
#table <spamd> persist
#table <spamd-white> persist
scrub in
rdr on $ext_if proto tcp from any to $ext_if port www -> $web_server port www
rdr on $ext_if proto tcp from any to port $pcanywhere_port -> \\
$web_server port $pcanywhere_port
rdr on $ext_if proto tcp from any to port $sql -> $web_server port $sql
rdr on $ext_if proto tcp from any to port 1434 -> $web_server port 1434
rdr on $ext_if proto tcp from any to port 21 -> $web_server port 21
rdr on $ext_if proto udp from any to port 53 -> $web_server port 53
nat on $ext_if from !($ext_if) -> ($ext_if:0)
block return
block in log proto tcp all
block in log proto udp all
pass quick on { lo $int_if }
antispoof quick for { lo $int_if }
pass in log on $ext_if inet proto tcp to $ext_if port ssh flags S/SA keep state
pass in log on $ext_if inet proto tcp to $web_server port 21 flags S/SA
synproxy state
pass in log on $ext_if inet proto tcp to $web_server port $sql flags S/SA
synproxy state
pass in log on $ext_if inet proto tcp to $web_server port 1434 flags S/SA
synproxy state
pass in log on $ext_if inet proto tcp to $web_server port $pcanywhere_port
flags S/SA synproxy state
pass in on $ext_if inet proto tcp to $web_server port www flags S/SA synproxy
state
pass in on $ext_if inet proto udp to $web_server port 53 keep state
pass out on $ext_if proto { tcp, udp, icmp } from any to any modulate state
----
iGENUS is a free webmail interface, NO fee, download
---------------------------------------------------------
please visit http://www.qmail.org
