forum.opennet.ru

Составление сообщения

Исходное сообщение

"IPFilter. Открытие/закрытие портов"
Отправлено teapot, 15-Ноя-08 12:06

Методом проб и ошибок был достигнут рабочий вариант.

pass out quick on lo0 proto ip from 127.0.0.0/8 to 127.0.0.0/8
pass in quick on lo0 proto ip from 127.0.0.0/8 to 127.0.0.0/8
block in quick on lo0 proto ip from any to 127.0.0.0/8
pass out quick on bce0 from 192.168.17.254  to any
pass out quick on bce0 from 192.168.50.254  to any
pass in quick on bce0 from 192.168.17.0 mask 255.255.255.0 to 192.168.17.254  port = 10000
pass in quick on bce0 from 192.168.50.0 mask 255.255.255.0 to 192.168.50.254  port = 10000
pass in quick on bce0 from 192.168.17.0 mask 255.255.255.0 to 192.168.17.254  port = 110
pass in quick on bce0 from 192.168.50.0 mask 255.255.255.0 to 192.168.50.254  port = 110
pass in quick on bce0 from any to 192.168.17.254  port = 8081
pass in quick on bce0 from any to 192.168.50.254 port = 8081
pass in quick on bce0 from 192.168.17.0 mask 255.255.255.0 to 192.168.17.254  port = 22
pass in quick on bce0 from 192.168.50.0 mask 255.255.255.0 to 192.168.50.254  port = 22
pass in quick on bce0 from any to 192.168.17.254  port = 25
pass in quick on bce0 from any to 192.168.50.254  port = 25
pass in quick on bce0 proto tcp from any port = 25 to 192.168.17.254
pass in quick on bce0 proto tcp from any port = 25 to 192.168.50.254
pass in quick on bce0 proto udp from any to 192.168.17.254  port = 53 keep frags
pass in quick on bce0 proto tcp from any to 192.168.17.254  port = 53 keep state keep frags
pass in quick on bce0 proto udp from any to 192.168.50.254  port = 53 keep frags
pass in quick on bce0 proto tcp from any to 192.168.50.254  port = 53 keep state keep frags
pass in quick on bse0 proto icmp from 192.168.17.0 mask 255.255.255.0 to any
pass in quick on bse0 proto icmp from 192.168.50.0 mask 255.255.255.0 to any
pass in quick on bse0 proto icmp from any to 192.168.17.254
pass in quick on bse0 proto icmp from any to 192.168.50.254
pass in quick on bce0 proto icmp from 192.168.17.0 mask 255.255.255.0 to 192.168.17.254 icmp-type echo
pass in quick on bce0 proto icmp from 192.168.50.0 mask 255.255.255.0 to 192.168.50.254 icmp-type echo
pass in quick on bce0 proto tcp from 192.168.17.0 mask 255.255.255.0 port = 8081 to 192.168.17.254 port = 8081
pass in quick on bce0 proto tcp from 192.168.50.0 mask 255.255.255.0 port = 8081 to 192.168.50.254 port = 8081
pass in quick on bce0 proto icmp from any to 192.168.17.254 icmp-type echorep
pass in quick on bce0 proto icmp from any to 192.168.50.254 icmp-type echorep
pass in quick on bce0 proto tcp from any port = 80 to 192.168.17.254
pass in quick on bce0 proto tcp from any port = 80 to 192.168.50.254
pass in quick on bce0 proto udp from any port = 53 to 192.168.17.254
pass in quick on bce0 proto udp from any port = 53 to 192.168.50.254
pass in quick on bce0 proto tcp from any port = 443 to 192.168.17.254
pass in quick on bce0 proto tcp from any port = 443 to 192.168.50.254
pass in quick on bce0 proto tcp from any port = 21 to 192.168.17.254
pass in quick on bce0 proto tcp from any port = 21 to 192.168.50.254
pass in quick on bce0 proto tcp from any port = 20 to 192.168.17.254
pass in quick on bce0 proto tcp from any port = 20 to 192.168.50.254
block out quick on bce0 from any to any
block in quick on bce0 from any to any

Исходное сообщение
"IPFilter. Открытие/закрытие портов" Отправлено teapot, 15-Ноя-08 12:06
Методом проб и ошибок был достигнут рабочий вариант. pass out quick on lo0 proto ip from 127.0.0.0/8 to 127.0.0.0/8 pass in quick on lo0 proto ip from 127.0.0.0/8 to 127.0.0.0/8 block in quick on lo0 proto ip from any to 127.0.0.0/8 pass out quick on bce0 from 192.168.17.254 to any pass out quick on bce0 from 192.168.50.254 to any pass in quick on bce0 from 192.168.17.0 mask 255.255.255.0 to 192.168.17.254 port = 10000 pass in quick on bce0 from 192.168.50.0 mask 255.255.255.0 to 192.168.50.254 port = 10000 pass in quick on bce0 from 192.168.17.0 mask 255.255.255.0 to 192.168.17.254 port = 110 pass in quick on bce0 from 192.168.50.0 mask 255.255.255.0 to 192.168.50.254 port = 110 pass in quick on bce0 from any to 192.168.17.254 port = 8081 pass in quick on bce0 from any to 192.168.50.254 port = 8081 pass in quick on bce0 from 192.168.17.0 mask 255.255.255.0 to 192.168.17.254 port = 22 pass in quick on bce0 from 192.168.50.0 mask 255.255.255.0 to 192.168.50.254 port = 22 pass in quick on bce0 from any to 192.168.17.254 port = 25 pass in quick on bce0 from any to 192.168.50.254 port = 25 pass in quick on bce0 proto tcp from any port = 25 to 192.168.17.254 pass in quick on bce0 proto tcp from any port = 25 to 192.168.50.254 pass in quick on bce0 proto udp from any to 192.168.17.254 port = 53 keep frags pass in quick on bce0 proto tcp from any to 192.168.17.254 port = 53 keep state keep frags pass in quick on bce0 proto udp from any to 192.168.50.254 port = 53 keep frags pass in quick on bce0 proto tcp from any to 192.168.50.254 port = 53 keep state keep frags pass in quick on bse0 proto icmp from 192.168.17.0 mask 255.255.255.0 to any pass in quick on bse0 proto icmp from 192.168.50.0 mask 255.255.255.0 to any pass in quick on bse0 proto icmp from any to 192.168.17.254 pass in quick on bse0 proto icmp from any to 192.168.50.254 pass in quick on bce0 proto icmp from 192.168.17.0 mask 255.255.255.0 to 192.168.17.254 icmp-type echo pass in quick on bce0 proto icmp from 192.168.50.0 mask 255.255.255.0 to 192.168.50.254 icmp-type echo pass in quick on bce0 proto tcp from 192.168.17.0 mask 255.255.255.0 port = 8081 to 192.168.17.254 port = 8081 pass in quick on bce0 proto tcp from 192.168.50.0 mask 255.255.255.0 port = 8081 to 192.168.50.254 port = 8081 pass in quick on bce0 proto icmp from any to 192.168.17.254 icmp-type echorep pass in quick on bce0 proto icmp from any to 192.168.50.254 icmp-type echorep pass in quick on bce0 proto tcp from any port = 80 to 192.168.17.254 pass in quick on bce0 proto tcp from any port = 80 to 192.168.50.254 pass in quick on bce0 proto udp from any port = 53 to 192.168.17.254 pass in quick on bce0 proto udp from any port = 53 to 192.168.50.254 pass in quick on bce0 proto tcp from any port = 443 to 192.168.17.254 pass in quick on bce0 proto tcp from any port = 443 to 192.168.50.254 pass in quick on bce0 proto tcp from any port = 21 to 192.168.17.254 pass in quick on bce0 proto tcp from any port = 21 to 192.168.50.254 pass in quick on bce0 proto tcp from any port = 20 to 192.168.17.254 pass in quick on bce0 proto tcp from any port = 20 to 192.168.50.254 block out quick on bce0 from any to any block in quick on bce0 from any to any

Ваше сообщение

Имя*:

EMail:

Для отправки новых сообщений в текущей нити на email укажите знак ! перед адресом, например, !user@host.ru (!! - не показывать email).
Более тонкая настройка отправки ответов производится в профиле зарегистрированного участника форума.

Заголовок*:

Сообщение*:

> Методом проб и ошибок был достигнут рабочий вариант.

> pass out quick on lo0 proto ip from 127.0.0.0/8 to 127.0.0.0/8 
> pass in quick on lo0 proto ip from 127.0.0.0/8 to 127.0.0.0/8 
> block in quick on lo0 proto ip from any to 127.0.0.0/8 
> pass out quick on bce0 from 192.168.17.254  to any 
> pass out quick on bce0 from 192.168.50.254  to any 
> pass in quick on bce0 from 192.168.17.0 mask 255.255.255.0 to 192.168.17.254  
> port = 10000 
> pass in quick on bce0 from 192.168.50.0 mask 255.255.255.0 to 192.168.50.254  
> port = 10000 
> pass in quick on bce0 from 192.168.17.0 mask 255.255.255.0 to 192.168.17.254  
> port = 110 
> pass in quick on bce0 from 192.168.50.0 mask 255.255.255.0 to 192.168.50.254  
> port = 110 
> pass in quick on bce0 from any to 192.168.17.254  port = 
> 8081 
> pass in quick on bce0 from any to 192.168.50.254 port = 8081 
 
> pass in quick on bce0 from 192.168.17.0 mask 255.255.255.0 to 192.168.17.254  
> port = 22 
> pass in quick on bce0 from 192.168.50.0 mask 255.255.255.0 to 192.168.50.254  
> port = 22 
> pass in quick on bce0 from any to 192.168.17.254  port = 
> 25 
> pass in quick on bce0 from any to 192.168.50.254  port = 
> 25 
> pass in quick on bce0 proto tcp from any port = 25 
> to 192.168.17.254 
> pass in quick on bce0 proto tcp from any port = 25 
> to 192.168.50.254 
> pass in quick on bce0 proto udp from any to 192.168.17.254  
> port = 53 keep frags 
> pass in quick on bce0 proto tcp from any to 192.168.17.254  
> port = 53 keep state keep frags 
> pass in quick on bce0 proto udp from any to 192.168.50.254  
> port = 53 keep frags 
> pass in quick on bce0 proto tcp from any to 192.168.50.254  
> port = 53 keep state keep frags 
> pass in quick on bse0 proto icmp from 192.168.17.0 mask 255.255.255.0 to 
> any 
> pass in quick on bse0 proto icmp from 192.168.50.0 mask 255.255.255.0 to 
> any 
> pass in quick on bse0 proto icmp from any to 192.168.17.254 
> pass in quick on bse0 proto icmp from any to 192.168.50.254 
> pass in quick on bce0 proto icmp from 192.168.17.0 mask 255.255.255.0 to 
> 192.168.17.254 icmp-type echo 
> pass in quick on bce0 proto icmp from 192.168.50.0 mask 255.255.255.0 to 
> 192.168.50.254 icmp-type echo 
> pass in quick on bce0 proto tcp from 192.168.17.0 mask 255.255.255.0 port 
> = 8081 to 192.168.17.254 port = 8081 
> pass in quick on bce0 proto tcp from 192.168.50.0 mask 255.255.255.0 port 
> = 8081 to 192.168.50.254 port = 8081 
> pass in quick on bce0 proto icmp from any to 192.168.17.254 icmp-type 
> echorep 
> pass in quick on bce0 proto icmp from any to 192.168.50.254 icmp-type 
> echorep 
> pass in quick on bce0 proto tcp from any port = 80 
> to 192.168.17.254 
> pass in quick on bce0 proto tcp from any port = 80 
> to 192.168.50.254 
> pass in quick on bce0 proto udp from any port = 53 
> to 192.168.17.254 
> pass in quick on bce0 proto udp from any port = 53 
> to 192.168.50.254 
> pass in quick on bce0 proto tcp from any port = 443 
> to 192.168.17.254 
> pass in quick on bce0 proto tcp from any port = 443 
> to 192.168.50.254 
> pass in quick on bce0 proto tcp from any port = 21 
> to 192.168.17.254 
> pass in quick on bce0 proto tcp from any port = 21 
> to 192.168.50.254 
> pass in quick on bce0 proto tcp from any port = 20 
> to 192.168.17.254 
> pass in quick on bce0 proto tcp from any port = 20 
> to 192.168.50.254 
> block out quick on bce0 from any to any 
> block in quick on bce0 from any to any

При общении не допускается: неуважительное отношение к собеседнику, хамство, унизительное обращение, ненормативная лексика, переход на личности, агрессивное поведение, обесценивание собеседника, провоцирование флейма голословными и заведомо ложными заявлениями. Не отвечайте на сообщения, явно нарушающие правила - удаляются не только сами нарушения, но и все ответы на них. Лог модерирования.

Партнёры:

Хостинг:

Закладки на сайте
Проследить за страницей

Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру