3. gw# ipfw add 50 count log ip from any to any via vr0
00050 count log logamount 120 ip from any to any via vr0
4. gw# ipfw show
00050 12285 2914615 divert 8668 ip from any to any via vr0
00050 0 0 count log logamount 120 ip from any to any via vr0
00100 64 7680 allow ip from any to any via lo0
00200 0 0 deny ip from any to 127.0.0.0/8
00300 0 0 deny ip from 127.0.0.0/8 to any
65000 12285 2914615 allow ip from any to any
65535 0 0 allow ip from any to any
gw#
5. ตัวอย่าง
ipfw add 1000 deny tcp from any to any 135
ipfw add 1001 deny udp from any to any 135-138
ifpw add 1002 deny tcp from any to any 139
ipfw add 1003 deny tcp from any to any 445
ipfw add 1004 deny udp from any to any 445
ipfw add 1005 deny tcp from any to any 593
ipfw add 1006 deny tcp from any to any 111
ipfw add 1007 deny udp from any to any 111
ipfw add 1008 deny tcp from any to any 515
ipfw add 1009 deny udp from any to any 515
ipfw add 1010 deny tcp from any to any 2049
ipfw add 1011 deny udp from any to any 2049
ipfw add 1012 deny tcp from any to any 2556
ipfw add 1013 deny tcp from any to any 1023
ipfw add 1014 deny tcp from any to any 6000-6009
ipfw add 1015 deny tcp from any to any 7100
ipfw add 1016 deny udp from any to any 69
ipfw add 1017 deny tcp from any to any 4444
ipfw add 1018 deny udp from any to any 990-999
ipfw add 1019 deny udp from any to any 8998
ipfw add 1020 deny udp from any to any 8998
ipfw add 1021 deny udp from any to any 123
ipfw add 1022 deny udp from any to any 2018-2021
ipfw add 1023 deny tcp from any to any 2018-2021
ipfw add 1024 deny tcp from any to any 36794
ipfw add 1025 deny tcp from any to any 3127-3198
ipfw add 1026 deny tcp from any to any 6777
ipfw add 1027 deny tcp from any to any 2535
ipfw add 1028 deny tcp from any to any 81
ipfw add 1029 deny tcp from any to any 37
ipfw add 1030 deny tcp from any to any 1434
ipfw add 1031 deny tcp from any to any 6789
ipfw add 1032 deny tcp from any to any 5554
ipfw add 1033 deny tcp from any to any 9996
ipfw add 1034 deny tcp from any to any 2745
ipfw add 1035 deny tcp from any to any 8866
ipfw add 4201 fwd 192.168.1.1,8080 tcp from 192.168.1.0/24 to any dst-port 80
ipfw add 4203 deny tcp from 192.168.1.0/24 to any 1863
ipfw add 4204 deny udp from 192.168.1.0/24 to any 1863
Subscribe to:
Post Comments (Atom)
0 comments
Post a Comment