Velka vdaka, moc ste mi pomohli. PF sice pouzivam na taketo jednoduche blokovanie niekolko rokov, ale syntax zial nepoznam. Zial v manuali som naozaj taketo zakladne priklady nenasiel. A pritom, toto sa da pouzivat elegantne aj na SSH, takze cakal by som, ze takychto prikladov najdem na internete vela.
Frantisek ne 6. 6. 2021 o 12:18 Marián Černý <[email protected]> napísal(a): > Frantisek Hennel wrote: > > > > Dakujem za pomoc, ale nefunguje mi to. > > > > pass in quick on $ext_if from 10.1.1.0/24 to ($ext_if) port 3306 > > /etc/pf.conf:4: port only applies to tcp/udp > > Sorry, chýba tam "proto tcp”. > > pass in quick on $ext_if proto tcp from 10.1.1.0/24 to ($ext_if) port 3306 > block drop in log (all) quick on $ext_if proto tcp from any to ($ext_if) > port 3306 > > Alebo v jednom pravidle, ako to písal schrodinger: > > block drop in log (all) quick on $ext_if proto tcp from ! 10.1.1.0/24 to > ($ext_if) port 3306 > > (alebo zjednodušene:) > > block in log quick on $ext_if proto tcp from ! 10.1.1.0/24 to any port > 3306 > > Marián > -- > FreeBSD mailing list ([email protected]) > http://www.freebsd.cz/listserv/listinfo/users-l > -- FreeBSD mailing list ([email protected]) http://www.freebsd.cz/listserv/listinfo/users-l
