What are the ipfw rules?

> set optimization normal
> set ruleset-optimization basic
> set timeout interval 10
> set timeout frag 30
> set skip on lo0
> set debug none
> set limit frags 4096
> set state-policy floating
> set require-order yes
>
> if = "en1"
> scrub in all
>
> # Drop malformed packets
> scrub all reassemble tcp
> scrub out all no-df max-mss 1492 random-id
> antispoof for $if inet
>
> #icmp_types="echoreq"
>
> block in
> pass out
>
> # loopback is good
> pass in quick on lo0 all
> pass out quick on lo0 all
>
> antispoof quick for $if inet
>
> # allow icmp
> #pass in inet proto icmp all icmp-type $icmp_types
>
> block in on $if inet proto icmp from ! 192.168.1.5 to any icmp-type 8 code 0
>
> # allow dns queries
> pass out on $if proto udp from any to any port 53
>
> # pass http traffic
> pass out on $if proto tcp from $if to any port 80 flags S/SA
>
> # pass ftp traffic
> pass out on $if proto tcp from $if to any port { 21 , 20 } flags S/SA
>
> pass in quick inet proto { tcp, udp } from any to any port = 16000
> pass out quick inet proto { tcp, udp } from any to any port = 16000
> pass in quick inet proto { tcp, udp } from any to any port = 16003
> pass out quick inet proto { tcp, udp } from any to any port = 16003
> pass in quick inet proto { tcp, udp } from any to any port = 51413
> pass out quick inet proto { tcp, udp } from any to any port = 51413
> pass in quick inet proto { tcp, udp } from any to any port = 38772
> pass out quick inet proto { tcp, udp } from any to any port = 38772
>
> pass in quick inet proto udp from any to any port = 123
> pass out quick inet proto udp from any to any port = 123
> pass in quick inet proto udp from any to any port = 192
> pass out quick inet proto udp from any to any port = 192
> pass in quick inet proto tcp from any to any port = 443
> pass out quick inet proto tcp from any to any port = 443
> pass in quick inet proto tcp from any to any port = 548
> pass out quick inet proto tcp from any to any port = 548
> pass in quick inet proto udp from any to any port = 5353
> pass out quick inet proto udp from any to any port = 5353
>
> # Enable spoofing protection on all interfaces
> block in quick from urpf-failed
>
> # block nmap scans
> block in quick proto tcp flags FUP/WEUAPRSF
> block in quick proto tcp flags WEUAPRSF/WEUAPRSF
> block in quick proto tcp flags SRAFU/WEUAPRSF
> block in quick proto tcp flags /WEUAPRSF
> block in quick proto tcp flags SR/SR
> block in quick proto tcp flags SF/SF
> block drop in quick on $if from any os { NMAP }
>
> pass on lo0 all
>
> -----
> Cabral Bandeira
>
> -------------------------
> Archive: http://www.fug.com.br/historico/html/freebsd/
> Unsubscribe: https://www.fug.com.br/mailman/listinfo/freebsd
> -------------------------
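The ruleset quoted above depends on pf's evaluation order: rules are read top to bottom, the last matching rule wins, and a matching rule marked `quick` ends evaluation at that rule. Because the per-port `pass in quick` rules appear before the flag-based nmap-scan blocks, a malformed probe aimed at one of those opened ports is accepted before the block rules are ever reached, so the scan blocks only protect ports that are not opened by a `quick` pass. The Python below is an added example, not code from the post, from pf or from the list: it implements that ordering rule for a small subset of the syntax (direction, `quick`, `proto`, destination port, TCP flags), parses a constructed subset of the quoted rules in their posted order, and compares the outcome with the scan blocks moved to the top. Syntax the model does not cover (interfaces, addresses, `urpf-failed`, `os` fingerprints, port lists) is rejected rather than silently ignored, so the model never claims more than it checks.

```python
"""Simplified model of pf rule evaluation order (added example, not from the post).

Models only: direction, 'quick', protocol, destination port and TCP flags.
pf semantics modelled: rules are evaluated top to bottom, the LAST matching
rule wins, unless a matching rule carries 'quick', which ends evaluation
immediately. Interface/address qualifiers are not modelled and are refused.
"""
from dataclasses import dataclass
from typing import List, Optional, Set, Tuple


@dataclass
class Rule:
    action: str                        # "pass" or "block"
    direction: str                     # "in" or "out"
    quick: bool = False
    proto: Optional[Set[str]] = None   # None = any protocol
    dport: Optional[int] = None        # None = any destination port
    flags: Optional[str] = None        # pf "set/mask" notation, e.g. "S/SA"


@dataclass
class Packet:
    direction: str
    proto: str
    dport: int
    flags: str = ""                    # TCP flags that are set, e.g. "S", "FPU"


# Tokens that add no constraint the model tracks and are therefore skipped.
_IGNORED = {"inet", "all", "any", "from", "to", "=", "on", "$if"}


def parse_rule(line: str) -> Rule:
    """Parse the subset of pf rule syntax used in the quoted ruleset."""
    toks = line.replace("{", " { ").replace("}", " } ").replace(",", " ").split()
    action, rest = toks[0], toks[1:]
    if rest and rest[0] == "drop":     # "block drop" behaves as "block" here
        rest = rest[1:]
    rule = Rule(action=action, direction=rest[0])
    side = None                        # "from"/"to": which side a 'port' belongs to
    i = 1
    while i < len(rest):
        t = rest[i]
        if t == "quick":
            rule.quick = True
        elif t == "proto":
            i += 1
            protos = set()
            if rest[i] == "{":         # proto { tcp, udp }
                i += 1
                while rest[i] != "}":
                    protos.add(rest[i])
                    i += 1
            else:
                protos.add(rest[i])
            rule.proto = protos
        elif t == "port":
            i += 1
            if rest[i] == "=":
                i += 1
            if side != "to":
                raise ValueError(f"source-port rule not modelled: {line}")
            rule.dport = int(rest[i])  # raises on port lists such as { 21 , 20 }
        elif t == "flags":
            i += 1
            rule.flags = rest[i]
        elif t in ("from", "to"):
            side = t
        elif t not in _IGNORED:
            raise ValueError(f"unsupported token {t!r} in: {line}")
        i += 1
    return rule


def flags_match(spec: str, pkt_flags: str) -> bool:
    """pf 'flags a/b': every flag in mask b must be set iff it is listed in a."""
    want, mask = spec.split("/")
    return all((f in want) == (f in pkt_flags) for f in mask)


def rule_matches(rule: Rule, pkt: Packet) -> bool:
    if rule.direction != pkt.direction:
        return False
    if rule.proto is not None and pkt.proto not in rule.proto:
        return False
    if rule.dport is not None and pkt.dport != rule.dport:
        return False
    if rule.flags is not None:
        return pkt.proto == "tcp" and flags_match(rule.flags, pkt.flags)
    return True


def evaluate(rules: List[Rule], pkt: Packet) -> Tuple[str, Optional[int]]:
    """Return (action, index of the deciding rule); pf passes if nothing matches."""
    decision: Tuple[str, Optional[int]] = ("pass", None)
    for i, r in enumerate(rules):
        if rule_matches(r, pkt):
            decision = (r.action, i)
            if r.quick:                # 'quick' ends evaluation immediately
                break
    return decision


# Constructed subset that keeps the ORDER of the post: the per-port
# 'pass in quick' rules come before the flag-based scan blocks.
POSTED_ORDER = """
block in
pass out
pass in quick inet proto { tcp, udp } from any to any port = 16000
pass in quick inet proto tcp from any to any port = 443
block in quick proto tcp flags FUP/WEUAPRSF
block in quick proto tcp flags SR/SR
block in quick proto tcp flags /WEUAPRSF
""".strip().splitlines()


def load(lines: List[str]) -> List[Rule]:
    return [parse_rule(l) for l in lines if l.strip() and not l.startswith("#")]


def scan_blocks_first(rules: List[Rule]) -> List[Rule]:
    """Reordered copy: flag-based 'block ... quick' rules moved to the top."""
    scan = [r for r in rules if r.action == "block" and r.flags]
    rest = [r for r in rules if not (r.action == "block" and r.flags)]
    return scan + rest


def audit() -> dict:
    posted = load(POSTED_ORDER)
    fixed = scan_blocks_first(posted)
    xmas_16000 = Packet("in", "tcp", 16000, "FPU")   # malformed probe at an opened port
    xmas_22 = Packet("in", "tcp", 22, "FPU")         # same probe at a closed port
    null_443 = Packet("in", "tcp", 443, "")          # no-flags probe at an opened port
    syn_443 = Packet("in", "tcp", 443, "S")          # an ordinary connection attempt
    return {
        "xmas_16000_posted": evaluate(posted, xmas_16000)[0],   # pass: reaches rule 2 first
        "xmas_16000_fixed": evaluate(fixed, xmas_16000)[0],     # block
        "xmas_22_posted": evaluate(posted, xmas_22)[0],         # block: no quick pass in the way
        "null_443_posted": evaluate(posted, null_443)[0],       # pass
        "null_443_fixed": evaluate(fixed, null_443)[0],         # block
        "syn_443_fixed": evaluate(fixed, syn_443)[0],           # pass: legitimate traffic kept
    }


if __name__ == "__main__":
    for name, verdict in audit().items():
        print(f"{name}: {verdict}")
```

The reorder in `scan_blocks_first` is the model's illustration of the check, not a recommendation to edit the quoted file blindly: the same effect can be had in a real pf.conf by placing the flag-based `block ... quick` rules (and `block in quick from urpf-failed`) before the first `pass in quick`, which keeps `set require-order yes` honest about what "order" is protecting.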