scrub in all fragment reassemble block drop in on ! lo inet from 127.0.0.0/8 to any block drop in on ! lo inet6 from ::1 to any block drop in inet6 from ::1 to any block drop in on lo0 inet6 from fe80::1 to any block drop in on vr0 inet6 from fe80::211:d8ff:fef8:a192 to any block drop in on rl0 inet6 from fe80::202:44ff:fe19:54df to any block drop in inet from 127.0.0.1 to any block drop in on ! rl0 inet from 10.0.0.0/23 to any block drop in inet from 10.0.0.254 to any block drop in quick on vr0 from any os "NMAP" to any block return log quick from <brute> to any pass in on vr0 proto tcp from any to any port = ssh flags S/SA keep state (source-track rule, max-src-conn-rate 5/1, overload <brute> flush global, src.track 1) block return-rst in quick proto tcp all block return-icmp(port-unr, port-unr) in quick proto udp all block return log quick on vr0 from <badHosts> to any block return log quick on vr0 from any to <badHosts> anchor "ftp-proxy/*" all pass out all flags S/SA keep state pass in quick on rl0 all flags S/SA keep state pass in quick on tun0 all flags S/SA keep state
- Sergio Augusto Vladisauskis -> Analista de Sistemas e Administrador de Rede -> Jaboatão dos Guararapes - PE -> Fone: +55 81 3468 6301 -> Celular: +55 81 9288 2803 -> Skype: sergiovl-work -> Registered Linux User: 305281 Em Qui, 2008-05-15 às 18:19 -0300, Alex Moura escreveu: > Envie a saída do comando: > > pfctl -s rules > ------------------------- > Histórico: http://www.fug.com.br/historico/html/freebsd/ > Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
signature.asc
Description: Esta é uma parte de mensagem assinada digitalmente
------------------------- Histórico: http://www.fug.com.br/historico/html/freebsd/ Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
