FreeBSD/OpenBSD PF firewall

beastiq · Napísal **beastiq**: 23.04.2015 18:30

Čaute, robí niekto vo firewalle Packet Filter v systéme FreeBSD, resp. OpenBSD ?

JanoF · Napísal **JanoF**: 23.04.2015 18:34

Co take by si potreboval? Konkretizuj otazku.

beastiq · Napísal autor témy **beastiq**: 23.04.2015 19:08

Hladam niekoho, kto vie napisat uplne jednoduchu zakladnu konfiguraciu firewallu PF.

JanoF · Napísal **JanoF**: 23.04.2015 19:25

Toto je konfiguracia co som pouzival ja na svojom fbsd co som si spravoval par rokov dozadu:

Kód:

# Settings
if = "re0"
local = "{127.0.0.1,10.20.51.111,217.0.0.1}"
ip = "{10.20.51.111}"
ircip = "{195.168.2.141,193.87.79.111}"

# Default deny
block on $if all

# Default TCP policy
pass in on $if proto tcp from $ip to any port ssh
pass in on $if proto tcp from any to any port {80,443}
pass in on $if proto tcp from $ip to any port 1723
pass in on $if proto tcp from $ircip to any port 113
pass out on $if proto tcp from any to any

# Default UDP policy
pass in on $if proto udp from $local to any port {161,162}
pass out on $if proto udp from any to any

# Default ICMP policy
pass out on $if proto icmp from any to any

Blokoval som tam vsetko az na par vynimiek ako je ssh len z lokalnej siete, porty pre irc len pre irc server kvoli identu

FreeBSD/OpenBSD PF firewall

Podobné témy