bob bobing wrote:
> please paste the output of ipfstat -i -h, ipnat -l and
> the contens of your ipfrules file, and ipnatrules
> file.
>
> Just an FYI, ipnat happens before ipf, so your rules
> need to be written post nat.
hmm.. think that I donot how to do this. Maybe it is the cause of
failure. Anyway, firstly thank you for your kind attention. Now, for the
files:
:========== ipfstat -i -h
0 block in quick on rl0 from 192.168.0.0/24 to any
0 block in quick from 172.0.0.0/12 to any
0 block in quick from 10.0.0.0/8 to any
73 block in quick from 0.0.0.0/8 to any
0 block in quick from 169.254.0.0/16 to any
0 block in quick on rl0 from 127.0.0.0/8 to any
0 block in quick on rl1 from 127.0.0.0/8 to any
0 block in quick on rl2 from 127.0.0.0/8 to any
0 block in quick from 192.0.2.0/24 to any
0 block in quick from 204.152.64.0/23 to any
0 block in quick from 224.0.0.0/3 to any
0 block in log quick on rl0 from any to 192.168.1.0/32
0 block in log quick on rl0 from any to 192.168.1.255/32
0 block in quick from any to 192.168.1.89/32
149 block in quick from 192.168.1.89/32 to any
10 pass in quick on lo0 from any to any
0 pass in quick on gif0 from any to any
90274 pass in quick on rl2 from any to any
94465 pass in quick on rl0 from any to any
0 pass in quick proto tcp from any to any port = 22 keep state
145 pass in quick on rl1 proto tcp from any to any port = 25 keep state
0 pass in quick proto tcp from any to any port = 10000 keep state
13 pass in quick on rl1 proto tcp from any to any port = 53 keep state
268 pass in quick on rl1 proto udp from any to any port = 53 keep state
3770 block in quick on rl1 from any to any
0 pass in quick proto tcp/udp from any to any keep state keep frags
:================ ipnat -l (very long)
List of active MAP/Redirect filters:
map rl0 192.168.1.0/24 -> 0.0.0.0/32 proxy port ftp ftp/tcp
map rl0 192.168.1.0/24 -> 0.0.0.0/32
map rl0 192.168.10.0/24 -> 0.0.0.0/32 proxy port ftp ftp/tcp
map rl0 192.168.10.0/24 -> 0.0.0.0/32
rdr rl0 200.198.77.35/32 port 80 -> 192.168.10.2 port 80 tcp
rdr rl0 200.198.77.36/32 port 80 -> 192.168.10.2 port 80 tcp
rdr rl0 200.198.77.35/32 port 25 -> 192.168.10.2 port 25 tcp
rdr rl0 200.198.77.34/32 port 53 -> 192.168.10.2 port 53 tcp
rdr rl0 200.198.77.35/32 port 53 -> 192.168.10.2 port 53 tcp
rdr rl0 200.198.77.34/32 port 53 -> 192.168.10.2 port 53 udp
rdr rl0 200.198.77.35/32 port 53 -> 192.168.10.2 port 53 udp
List of active sessions:
MAP 192.168.1.216 1177 <- -> 200.198.77.34 1177 [64.4.56.7 80]
MAP 192.168.1.216 1175 <- -> 200.198.77.34 1175 [207.68.183.59 80]
MAP 192.168.1.242 2401 <- -> 200.198.77.34 2401 [200.176.3.142 80]
MAP 192.168.1.242 2400 <- -> 200.198.77.34 2400 [200.176.3.142 80]
MAP 192.168.1.242 2399 <- -> 200.198.77.34 2399 [200.176.2.94 80]
MAP 192.168.1.242 2397 <- -> 200.198.77.34 2397 [200.176.3.142 80]
MAP 192.168.1.242 2396 <- -> 200.198.77.34 2396 [200.176.3.142 80]
MAP 192.168.1.242 2394 <- -> 200.198.77.34 2394 [200.192.140.2 80]
MAP 192.168.1.242 2392 <- -> 200.198.77.34 2392 [200.177.228.134 80]
MAP 192.168.1.242 2391 <- -> 200.198.77.34 2391 [200.177.228.135 80]
MAP 192.168.1.236 1108 <- -> 200.198.77.34 1108 [206.65.183.110 80]
MAP 192.168.1.242 2390 <- -> 200.198.77.34 2390 [200.177.228.134 80]
MAP 192.168.1.242 2388 <- -> 200.198.77.34 2388 [200.177.228.135 80]
MAP 192.168.1.242 2386 <- -> 200.198.77.34 2386 [200.177.228.135 80]
MAP 192.168.10.2 2416 <- -> 200.198.77.34 2416 [200.221.24.86 25]
MAP 192.168.1.182 1651 <- -> 200.198.77.34 1651 [205.188.161.249 80]
MAP 192.168.1.236 1105 <- -> 200.198.77.34 1105 [206.65.183.110 80]
MAP 192.168.1.236 1104 <- -> 200.198.77.34 1104 [204.253.104.220 80]
MAP 192.168.1.236 1102 <- -> 200.198.77.34 1102 [65.57.83.12 80]
MAP 192.168.1.236 1101 <- -> 200.198.77.34 1101 [65.57.83.12 80]
MAP 192.168.1.236 1100 <- -> 200.198.77.34 1100 [206.65.183.110 80]
MAP 192.168.1.236 1099 <- -> 200.198.77.34 1099 [65.57.83.12 80]
MAP 192.168.1.236 1098 <- -> 200.198.77.34 1098 [65.57.83.12 80]
MAP 192.168.1.236 1097 <- -> 200.198.77.34 1097 [65.57.83.12 80]
MAP 192.168.1.182 1650 <- -> 200.198.77.34 1650 [64.12.174.185 80]
MAP 192.168.1.236 1096 <- -> 200.198.77.34 1096 [65.57.83.12 80]
MAP 192.168.1.236 1095 <- -> 200.198.77.34 1095 [65.57.83.12 80]
MAP 192.168.1.182 1649 <- -> 200.198.77.34 1649 [205.188.161.249 80]
MAP 192.168.1.236 1094 <- -> 200.198.77.34 1094 [65.57.83.12 80]
MAP 192.168.1.236 1093 <- -> 200.198.77.34 1093 [65.57.83.12 80]
MAP 192.168.1.236 1092 <- -> 200.198.77.34 1092 [65.57.83.12 80]
MAP 192.168.1.236 1091 <- -> 200.198.77.34 1091 [65.57.83.12 80]
MAP 192.168.1.236 1090 <- -> 200.198.77.34 1090 [65.57.83.12 80]
MAP 192.168.1.236 1089 <- -> 200.198.77.34 1089 [65.57.83.12 80]
MAP 192.168.1.236 1088 <- -> 200.198.77.34 1088 [65.57.83.12 80]
MAP 192.168.1.236 1087 <- -> 200.198.77.34 1087 [65.57.83.12 80]
MAP 192.168.1.236 1086 <- -> 200.198.77.34 1086 [206.65.183.110 80]
MAP 192.168.1.236 1084 <- -> 200.198.77.34 1084 [65.57.83.12 80]
MAP 192.168.1.236 1083 <- -> 200.198.77.34 1083 [65.57.83.12 80]
MAP 192.168.1.236 1082 <- -> 200.198.77.34 1082 [65.57.83.12 80]
RDR 192.168.10.2 53 <- -> 200.198.77.34 53 [200.205.123.27 53]
MAP 192.168.10.2 2411 <- -> 200.198.77.34 2411 [200.205.123.18 25]
RDR 192.168.10.2 80 <- -> 200.198.77.35 80 [200.243.64.163 3483]
RDR 192.168.10.2 25 <- -> 200.198.77.35 25 [213.203.59.59 3013]
MAP 192.168.1.236 1078 <- -> 200.198.77.34 1078 [65.57.83.12 80]
MAP 192.168.1.236 1077 <- -> 200.198.77.34 1077 [65.57.83.12 80]
MAP 192.168.1.236 1076 <- -> 200.198.77.34 1076 [65.57.83.12 80]
MAP 192.168.1.236 1075 <- -> 200.198.77.34 1075 [65.57.83.12 80]
MAP 192.168.1.236 1074 <- -> 200.198.77.34 1074 [65.57.83.12 80]
MAP 192.168.1.236 1073 <- -> 200.198.77.34 1073 [65.57.83.12 80]
MAP 192.168.1.236 1072 <- -> 200.198.77.34 1072 [65.57.83.12 80]
MAP 192.168.1.236 1071 <- -> 200.198.77.34 1071 [65.57.83.12 80]
MAP 192.168.1.236 1070 <- -> 200.198.77.34 1070 [65.57.83.12 80]
MAP 192.168.1.236 1069 <- -> 200.198.77.34 1069 [65.57.83.12 80]
MAP 192.168.1.236 1068 <- -> 200.198.77.34 1068 [65.57.83.12 80]
MAP 192.168.1.236 1067 <- -> 200.198.77.34 1067 [65.57.83.12 80]
MAP 192.168.1.236 1066 <- -> 200.198.77.34 1066 [65.57.83.12 80]
MAP 192.168.1.236 1065 <- -> 200.198.77.34 1065 [65.57.83.12 80]
MAP 192.168.1.236 1064 <- -> 200.198.77.34 1064 [65.57.83.12 80]
MAP 192.168.1.236 1063 <- -> 200.198.77.34 1063 [65.57.83.12 80]
MAP 192.168.1.236 1062 <- -> 200.198.77.34 1062 [65.57.83.12 80]
MAP 192.168.1.236 1061 <- -> 200.198.77.34 1061 [65.57.83.12 80]
MAP 192.168.1.236 1060 <- -> 200.198.77.34 1060 [65.57.83.12 80]
MAP 192.168.1.236 1059 <- -> 200.198.77.34 1059 [65.57.83.12 80]
MAP 192.168.1.236 1058 <- -> 200.198.77.34 1058 [65.57.83.12 80]
MAP 192.168.1.236 1057 <- -> 200.198.77.34 1057 [65.57.83.12 80]
MAP 192.168.1.236 1056 <- -> 200.198.77.34 1056 [65.57.83.12 80]
MAP 192.168.1.236 1055 <- -> 200.198.77.34 1055 [65.57.83.12 80]
MAP 192.168.1.236 1054 <- -> 200.198.77.34 1054 [65.57.83.12 80]
MAP 192.168.1.236 1053 <- -> 200.198.77.34 1053 [65.57.83.12 80]
MAP 192.168.1.236 1052 <- -> 200.198.77.34 1052 [65.57.83.12 80]
MAP 192.168.1.236 1051 <- -> 200.198.77.34 1051 [65.57.83.12 80]
MAP 192.168.1.236 1050 <- -> 200.198.77.34 1050 [65.57.83.12 80]
MAP 192.168.1.236 1049 <- -> 200.198.77.34 1049 [65.57.83.12 80]
MAP 192.168.1.236 1048 <- -> 200.198.77.34 1048 [65.57.83.12 80]
MAP 192.168.1.236 1047 <- -> 200.198.77.34 1047 [65.57.83.12 80]
MAP 192.168.1.236 1046 <- -> 200.198.77.34 1046 [65.57.83.12 80]
MAP 192.168.1.236 1045 <- -> 200.198.77.34 1045 [65.57.83.12 80]
MAP 192.168.1.236 1043 <- -> 200.198.77.34 1043 [207.88.221.233 80]
RDR 192.168.10.2 25 <- -> 200.198.77.35 25 [200.231.206.186
56831]
MAP 192.168.1.138 1435 <- -> 200.198.77.34 1435 [200.230.198.76 25]
MAP 192.168.1.182 1648 <- -> 200.198.77.34 1648 [205.188.161.249 80]
RDR 192.168.10.2 25 <- -> 200.198.77.35 25 [149.244.249.1 61951]
MAP 192.168.1.182 1647 <- -> 200.198.77.34 1647 [205.188.161.249 80]
RDR 192.168.10.2 53 <- -> 200.198.77.35 53 [200.19.240.50 32772]
MAP 192.168.1.236 1037 <- -> 200.198.77.34 1037 [207.68.172.246 80]
MAP 192.168.1.236 1036 <- -> 200.198.77.34 1036 [207.68.172.246 80]
MAP 192.168.1.236 1035 <- -> 200.198.77.34 1035 [207.68.177.126 80]
MAP 192.168.1.182 1646 <- -> 200.198.77.34 1646 [205.188.161.248 80]
MAP 192.168.1.236 1034 <- -> 200.198.77.34 1034 [207.68.172.246 80]
MAP 192.168.1.182 1645 <- -> 200.198.77.34 1645 [205.188.161.249 80]
MAP 192.168.1.236 1032 <- -> 200.198.77.34 1032 [207.68.172.246 80]
MAP 192.168.1.236 1031 <- -> 200.198.77.34 1031 [207.68.172.246 80]
MAP 192.168.1.182 1644 <- -> 200.198.77.34 1644 [205.188.161.248 80]
MAP 192.168.1.182 1643 <- -> 200.198.77.34 1643 [205.188.161.248 80]
MAP 192.168.1.182 1642 <- -> 200.198.77.34 1642 [205.188.161.248 80]
MAP 192.168.1.182 1641 <- -> 200.198.77.34 1641 [205.188.161.249 80]
MAP 192.168.1.182 1640 <- -> 200.198.77.34 1640 [205.188.161.249 80]
MAP 192.168.1.182 1639 <- -> 200.198.77.34 1639 [205.188.161.249 80]
MAP 192.168.1.182 1638 <- -> 200.198.77.34 1638 [205.188.161.248 80]
MAP 192.168.1.182 1635 <- -> 200.198.77.34 1635 [205.188.161.248 80]
MAP 192.168.1.182 1634 <- -> 200.198.77.34 1634 [205.188.161.249 80]
MAP 192.168.1.182 1637 <- -> 200.198.77.34 1637 [205.188.161.248 80]
MAP 192.168.1.182 1636 <- -> 200.198.77.34 1636 [205.188.161.248 80]
MAP 192.168.1.182 1633 <- -> 200.198.77.34 1633 [205.188.161.249 80]
MAP 192.168.1.236 1030 <- -> 200.198.77.34 1030 [207.68.172.246 80]
MAP 192.168.1.236 1028 <- -> 200.198.77.34 1028 [207.46.197.101 80]
MAP 192.168.1.142 1046 <- -> 200.198.77.34 1046 [64.12.174.185 80]
MAP 192.168.1.142 1045 <- -> 200.198.77.34 1045 [207.200.89.225 80]
MAP 192.168.1.142 1044 <- -> 200.198.77.34 1044 [207.200.89.225 80]
MAP 192.168.1.142 1043 <- -> 200.198.77.34 1043 [207.200.89.225 80]
MAP 192.168.1.182 1632 <- -> 200.198.77.34 1632 [205.188.161.249 80]
MAP 192.168.1.142 1042 <- -> 200.198.77.34 1042 [207.200.89.225 80]
MAP 192.168.1.142 1041 <- -> 200.198.77.34 1041 [207.200.89.225 80]
MAP 192.168.1.142 1040 <- -> 200.198.77.34 1040 [207.200.89.225 80]
MAP 192.168.1.142 1039 <- -> 200.198.77.34 1039 [207.200.89.225 80]
MAP 192.168.1.142 1038 <- -> 200.198.77.34 1038 [207.200.89.225 80]
MAP 192.168.1.182 1631 <- -> 200.198.77.34 1631 [205.188.161.248 80]
MAP 192.168.1.138 1434 <- -> 200.198.77.34 1434 [200.230.198.76 25]
MAP 192.168.1.138 1432 <- -> 200.198.77.34 1432 [200.246.5.85 110]
MAP 192.168.1.182 1630 <- -> 200.198.77.34 1630 [205.188.161.249 80]
MAP 192.168.1.182 1629 <- -> 200.198.77.34 1629 [205.188.161.248 80]
MAP 192.168.1.182 1628 <- -> 200.198.77.34 1628 [205.188.161.248 80]
MAP 192.168.1.182 1627 <- -> 200.198.77.34 1627 [205.188.161.248 80]
MAP 192.168.1.211 2635 <- -> 200.198.77.34 2635 [200.185.15.114 80]
MAP 192.168.1.211 2634 <- -> 200.198.77.34 2634 [64.58.77.172 80]
MAP 192.168.1.211 2633 <- -> 200.198.77.34 2633 [64.58.77.172 80]
MAP 192.168.1.211 2632 <- -> 200.198.77.34 2632 [200.185.15.114 80]
MAP 192.168.1.211 2631 <- -> 200.198.77.34 2631 [200.185.15.115 80]
MAP 192.168.1.182 1626 <- -> 200.198.77.34 1626 [205.188.161.249 80]
MAP 192.168.1.182 1625 <- -> 200.198.77.34 1625 [205.188.161.249 80]
MAP 192.168.1.182 1624 <- -> 200.198.77.34 1624 [205.188.161.249 80]
MAP 192.168.1.182 1623 <- -> 200.198.77.34 1623 [205.188.161.248 80]
MAP 192.168.1.182 1622 <- -> 200.198.77.34 1622 [205.188.161.248 80]
MAP 192.168.1.182 1621 <- -> 200.198.77.34 1621 [205.188.161.248 80]
MAP 192.168.1.182 1620 <- -> 200.198.77.34 1620 [205.188.161.248 80]
MAP 192.168.1.182 1619 <- -> 200.198.77.34 1619 [205.188.161.249 80]
MAP 192.168.1.182 1618 <- -> 200.198.77.34 1618 [205.188.161.249 80]
MAP 192.168.1.138 1430 <- -> 200.198.77.34 1430 [200.246.5.85 110]
MAP 192.168.1.182 1617 <- -> 200.198.77.34 1617 [205.188.161.249 80]
MAP 192.168.1.155 1260 <- -> 200.198.77.34 1260 [200.198.184.38 80]
MAP 192.168.1.155 1258 <- -> 200.198.77.34 1258 [200.198.184.52 80]
MAP 192.168.1.155 1257 <- -> 200.198.77.34 1257 [200.198.184.52 80]
MAP 192.168.1.211 2630 <- -> 200.198.77.34 2630 [64.58.77.172 80]
MAP 192.168.1.211 2628 <- -> 200.198.77.34 2628 [200.185.15.114 80]
MAP 192.168.1.211 2627 <- -> 200.198.77.34 2627 [200.185.15.90 80]
MAP 192.168.1.182 1616 <- -> 200.198.77.34 1616 [205.188.161.249 80]
MAP 192.168.1.182 1615 <- -> 200.198.77.34 1615 [205.188.161.249 80]
MAP 192.168.1.155 1255 <- -> 200.198.77.34 1255 [208.184.29.70 80]
MAP 192.168.1.155 1254 <- -> 200.198.77.34 1254 [209.225.52.25 80]
MAP 192.168.1.155 1253 <- -> 200.198.77.34 1253 [209.225.52.25 80]
MAP 192.168.1.155 1251 <- -> 200.198.77.34 1251 [209.225.52.22 80]
MAP 192.168.1.155 1250 <- -> 200.198.77.34 1250 [209.225.52.22 80]
MAP 192.168.1.155 1247 <- -> 200.198.77.34 1247 [200.226.136.81 80]
MAP 192.168.1.155 1246 <- -> 200.198.77.34 1246 [200.226.136.81 80]
MAP 192.168.1.211 2625 <- -> 200.198.77.34 2625 [64.58.77.173 80]
MAP 192.168.1.211 2624 <- -> 200.198.77.34 2624 [200.185.15.115 80]
MAP 192.168.1.211 2623 <- -> 200.198.77.34 2623 [200.185.15.90 80]
RDR 192.168.10.2 25 <- -> 200.198.77.35 25 [200.231.206.186
52871]
MAP 192.168.1.242 2380 <- -> 200.198.77.34 2380 [200.189.165.6 80]
MAP 192.168.1.182 1614 <- -> 200.198.77.34 1614 [205.188.161.249 80]
MAP 192.168.10.2 2395 <- -> 200.198.77.34 2395 [200.174.79.131 25]
MAP 192.168.1.182 1613 <- -> 200.198.77.34 1613 [205.188.161.248 80]
MAP 192.168.1.182 1612 <- -> 200.198.77.34 1612 [205.188.161.248 80]
MAP 192.168.1.242 2379 <- -> 200.198.77.34 2379 [200.189.165.6 80]
MAP 192.168.1.182 1611 <- -> 200.198.77.34 1611 [205.188.161.249 80]
RDR 192.168.10.2 25 <- -> 200.198.77.35 25 [192.25.240.36 51817]
RDR 192.168.10.2 53 <- -> 200.198.77.34 53 [63.120.179.2 12755]
MAP 192.168.1.138 1429 <- -> 200.198.77.34 1429 [200.246.5.85 110]
MAP 192.168.1.155 1244 <- -> 200.198.77.34 1244 [200.185.61.212 80]
MAP 192.168.1.155 1242 <- -> 200.198.77.34 1242 [200.221.3.13 80]
MAP 192.168.1.155 1241 <- -> 200.198.77.34 1241 [200.221.3.13 80]
MAP 192.168.1.211 2620 <- -> 200.198.77.34 2620 [200.177.96.120 80]
MAP 192.168.1.138 1427 <- -> 200.198.77.34 1427 [200.246.5.85 110]
RDR 192.168.10.2 25 <- -> 200.198.77.35 25 [200.205.95.10 45794]
MAP 192.168.1.211 2619 <- -> 200.198.77.34 2619 [200.177.96.120 80]
RDR 192.168.10.2 53 <- -> 200.198.77.35 53 [200.205.125.57 53]
MAP 192.168.1.182 1610 <- -> 200.198.77.34 1610 [64.12.174.185 80]
MAP 192.168.1.182 1609 <- -> 200.198.77.34 1609 [205.188.161.249 80]
MAP 192.168.1.211 2618 <- -> 200.198.77.34 2618 [200.177.96.120 80]
MAP 192.168.1.211 2613 <- -> 200.198.77.34 2613 [200.185.15.93 80]
MAP 192.168.1.211 2607 <- -> 200.198.77.34 2607 [200.221.31.136 80]
RDR 192.168.10.2 53 <- -> 200.198.77.35 53 [64.12.66.8 42074]
MAP 192.168.1.195 1084 <- -> 200.198.77.34 1084 [200.231.206.30 119]
RDR 192.168.10.2 53 <- -> 200.198.77.35 53 [192.111.39.1 3855]
RDR 192.168.10.2 53 <- -> 200.198.77.34 53 [200.18.76.17 1392]
MAP 192.168.1.195 1082 <- -> 200.198.77.34 1082 [200.231.206.30 119]
RDR 192.168.10.2 53 <- -> 200.198.77.34 53 [200.18.76.17 1389]
MAP 192.168.10.2 2357 <- -> 200.198.77.34 2357 [209.185.243.135 25]
RDR 192.168.10.2 53 <- -> 200.198.77.34 53 [200.201.133.20 1119]
MAP 192.168.1.242 2376 <- -> 200.198.77.34 2376 [200.189.165.6 80]
RDR 192.168.10.2 53 <- -> 200.198.77.34 53 [152.163.140.10 19117]
RDR 192.168.10.2 53 <- -> 200.198.77.35 53 [152.163.140.11 19986]
RDR 192.168.10.2 53 <- -> 200.198.77.35 53 [216.136.171.252
63553]
RDR 192.168.10.2 53 <- -> 200.198.77.34 53 [216.136.171.252
63530]
RDR 192.168.10.2 53 <- -> 200.198.77.34 53 [216.136.171.252
63518]
MAP 192.168.1.195 1080 <- -> 200.198.77.34 1080 [216.148.218.197 80]
MAP 192.168.1.195 1079 <- -> 200.198.77.34 1079 [216.148.218.197 80]
MAP 192.168.10.2 2323 <- -> 200.198.77.34 2323 [200.196.255.186 25]
MAP 192.168.1.130 1355 <- -> 200.198.77.34 1355 [213.203.58.52 80]
MAP 192.168.1.174 1170 <- -> 200.198.77.34 1170 [207.25.71.163 80]
MAP 192.168.1.205 1215 <- -> 200.198.77.34 1215 [164.109.51.98 80]
MAP 192.168.1.233 1401 <- -> 200.198.77.34 1401 [200.201.129.12 80]
MAP 192.168.1.233 1400 <- -> 200.198.77.34 1400 [200.201.129.12 80]
MAP 192.168.1.233 1399 <- -> 200.198.77.34 1399 [200.201.129.12 80]
RDR 192.168.10.2 25 <- -> 200.198.77.35 25 [200.212.154.148 3184]
MAP 192.168.1.233 1238 <- -> 200.198.77.34 1238 [200.136.49.10 80]
MAP 192.168.1.135 1065 <- -> 200.198.77.34 1065 [200.177.100.70 80]
MAP 192.168.1.149 1157 <- -> 200.198.77.34 1157 [200.208.28.211 80]
MAP 192.168.1.149 1131 <- -> 200.198.77.34 1131 [200.244.143.232 8080]
MAP 192.168.1.216 1221 <- -> 200.198.77.34 1221 [207.68.182.59 80]
MAP 192.168.1.138 1311 <- -> 200.198.77.34 1311 [200.221.3.13 80]
MAP 192.168.10.2 4520 <- -> 200.198.77.34 4520 [200.173.157.194 25]
MAP 192.168.1.193 1040 <- -> 200.198.77.34 1040 [200.244.143.232 8080]
MAP 192.168.1.169 1987 <- -> 200.198.77.34 1987 [200.221.2.6 80]
MAP 192.168.1.160 1042 <- -> 200.198.77.34 1042 [209.73.225.9 80]
MAP 192.168.1.160 1041 <- -> 200.198.77.34 1041 [209.73.225.9 80]
MAP 192.168.1.140 1083 <- -> 200.198.77.34 1083 [170.66.1.150 443]
MAP 192.168.1.201 1031 <- -> 200.198.77.34 1031 [64.4.13.66 1863]
RDR 192.168.10.2 80 <- -> 200.198.77.35 80 [200.176.82.31 1210]
MAP 192.168.1.175 1332 <- -> 200.198.77.34 1332 [200.221.6.8 80]
RDR 192.168.10.2 25 <- -> 200.198.77.35 25 [200.165.15.111 10017]
RDR 192.168.10.2 25 <- -> 200.198.77.35 25 [200.165.15.111 10032]
RDR 192.168.10.2 25 <- -> 200.198.77.35 25 [200.165.15.111 10064]
RDR 192.168.10.2 25 <- -> 200.198.77.35 25 [200.165.15.111 10044]
RDR 192.168.10.2 80 <- -> 200.198.77.36 80 [200.57.51.36 3289]
RDR 192.168.10.2 80 <- -> 200.198.77.35 80 [200.204.151.121
42723]
RDR 192.168.10.2 80 <- -> 200.198.77.35 80 [200.204.151.121
56497]
RDR 192.168.10.2 80 <- -> 200.198.77.35 80 [200.204.151.121 80]
RDR 192.168.10.2 80 <- -> 200.198.77.35 80 [200.170.42.182 1340]
:========== ipf.rules
block in quick on rl0 from 192.168.0.0/24 to any
block in quick from 172.16/12 to any
block in quick from 10.0.0.0/8 to any
block in quick from 0.0.0.0/8 to any
block in quick from 169.254.0.0/16 to any
block in quick on rl0 from 127.0.0.0/8 to any
block in quick on rl1 from 127.0.0.0/8 to any
block in quick on rl2 from 127.0.0.0/8 to any
block in quick from 192.0.2.0/24 to any
block in quick from 204.152.64.0/23 to any
block in quick from 224.0.0.0/3 to any
block in log quick on rl0 from any to 192.168.1.0/32
block in log quick on rl0 from any to 192.168.1.255/32
block in log quick on rl1 from any to any
pass out on rl1 proto tcp from any to any keep state
pass in quick on lo0
pass out quick on lo0
pass in quick on gif0
pass out quick on gif0
#pass in quick on rl1
#pass out quick on rl1
pass in quick on rl2
pass out quick on rl2
pass in quick on rl0
pass out quick on rl0
pass in quick proto tcp from any to any port = 22 keep state
pass in quick on rl1 proto tcp from any to any port = 25 keep state
pass in quick proto tcp from any to any port = 10000 keep state
pass in quick on rl1 proto tcp/udp from 192.168.10.2 to 192.168.10.1
port = 53 keep state
pass out quick on rl1 proto tcp from any to any keep state
pass out quick on rl1 proto udp from any to any keep state
block out quick on rl1 all
block in quick on rl1 all
pass out quick proto icmp from any to any keep state
pass out quick proto tcp/udp from any to any keep state keep frags
pass in quick proto tcp/udp from any to any keep state keep frags
:=========== ipnat.conf
map rl0 192.168.1.0/24 -> 0/32 proxy port ftp ftp/tcp
map rl0 192.168.1.0/24 -> 0/32
map rl0 192.168.10.0/24 -> 0/32 proxy port ftp ftp/tcp
map rl0 192.168.10.0/24 -> 0/32
rdr rl0 200.198.77.35/32 port 80 -> 192.168.10.2 port 80
rdr rl0 200.198.77.36/32 port 80 -> 192.168.10.2 port 80
rdr rl0 200.198.77.35/32 port 25 -> 192.168.10.2 port 25
rdr rl0 200.198.77.34/32 port 53 -> 192.168.10.2 port 53
rdr rl0 200.198.77.35/32 port 53 -> 192.168.10.2 port 53
rdr rl0 200.198.77.34/32 port 53 -> 192.168.10.2 port 53 udp
rdr rl0 200.198.77.35/32 port 53 -> 192.168.10.2 port 53 udp
#rdr rl0 200.198.77.35/32 port 110 -> 192.168.10.2 port 110
:========== end of files.
TIA
--
sauda��es,
Irado Furioso com Tudo
Linux (SuSE) User 179402
tortura � sempre instrumento do estado, dos pais, dos professores..
sempre algu�m se imagina ter poder acima dos demais. Viva a anarquia!!!
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
