Re: [FreeBSD] ipfw kurallarým çalýţmýyor yardým

ďż˝mer Tue, 03 May 2005 22:55:03 -0700

kuralları karşılaştırdım ipfw show komutu ile baktığımda çalışanlar ile yazılı olanlar aynı.

Özkan KIRIK <[EMAIL PROTECTED]> wrote:

Mrb Ömer bey,
kurallari calistirdiginiz zaman nasil bir hata aliyorsunuz?
calisan kurallar ile yazili olan kurallari karsilastirdiniz mi?

ipfw show

komutunun sonucu ile sizin kurallariniz ayni mi?

Saygilarimla,
Özkan KIRIK
EnderUNIX Yazilim Gelistirme Takimi
Yazilim Gelistiricisi

Ömer Koyun wrote:

> merhaba arkadaţlar
>
> ipfw.rules dosyamdaki kurallar aţađýdaki gibi olursa çalýţmýyor
>
> #define oif rl0
> #define oip 1.2.3.4
> #define onet 1.2.3.4:255.255.255.248
> #define iif1 rl1
> #define iip1 10.0.0.254
> #define inet1 10.0.0.0/24
> add divert natd all from any to any via oif
> add allow tcp from any to any established
> add allow all from any to any frag
> add allow tcp from any to any 25
> add allow tcp from any 25 to any
> add allow tcp from any to any 110
> add allow tcp from any 110 to any
> add allow udp from any to any 53 via rl0
> add allow udp from any 53 to any via rl0
> add allow udp from any to any 53 via rl1
> add allow udp from any 53 to any via rl1
> add deny tcp from 10.0.0.28/32 to any 80
> add deny tcp from 10.0.0.40/32 to any 80
> add deny tcp from 10.0.0.52/32 to any 80
> add deny tcp from 10.0.0.48/32 to any 80
> add deny tcp from 10.0.0.48/32 to any 1863
> add deny tcp from 10.0.0.48/32 to 207.46.104.20/24
> add deny tcp from 10.0.0.48/32 to 207.46.110.20/24
> add deny tcp from 10.0.0.48/32 to 64.4.13.0/24
> add deny tcp from 10.0.0.31/32 to any 80
> add deny tcp from 10.0.0.31/32 to any 1863
> add deny tcp from 10.0.0.31/32 to 207.46.104.20/24
> add deny tcp from 10.0.0.31/32 to 207.46.110.20/24
> add deny tcp from 10.0.0.31/32 to 64.4.13.0/24
> add deny tcp from 10.0.0.33/32 to any 80
> add deny tcp from 10.0.0.33/32 to any 1863
> add deny tcp from 10.0.0.33/32 to 207.46.104.20/24
> add deny tcp from 10.0.0.33/32 to 207.46.110.20/24
> add deny tcp from 10.0.0.33/32 to 64.4.13.0/24
> add deny tcp from 10.0.0.50/32 to any 80
> add deny tcp from 10.0.0.50/32 to any 1863
> add deny tcp from 10.0.0.50/32 to 207.46.104.20/24
> add deny tcp from 10.0.0.50/32 to 207.46.110.20/24
> add deny tcp from 10.0.0.50/32 to 64.4.13.0/24
> add deny tcp from 10.0.0.16/32 to any 80
> add deny tcp from 10.0.0.41/32 to any 80
> add deny tcp from 10.0.0.41/32 to any 1863
> add deny tcp from 10.0.0.41/32 to 207.46.104.20/24
> add deny tcp from 10.0.0.41/32 to 207.46.110.20/24
> add deny tcp from 10.0.0.41/32 to 64.4.13.0/24
> add deny tcp from 10.0.0.36/32 to any 80
> add deny tcp from 10.0.0.36/32 to any 1863
> add deny tcp from 10.0.0. 36/32 to 207.46.104.20/24
> add deny tcp from 10.0.0.36/32 to 207.46.110.20/24
> add deny tcp from 10.0.0.36/32 to 64.4.13.0/24
> add deny tcp from 10.0.0.45/32 to any 80
> add deny tcp from 10.0.0.45/32 to any 25
> add deny tcp from 10.0.0.45/32 to any 110
> add deny tcp from 10.0.0.29/32 to any 1863
> add deny tcp from 10.0.0.29/32 to any 207.46.104.20/24
> add deny tcp from 10.0.0.29/32 to any 207.46.110.20/24
> add deny tcp from 10.0.0.29/32 to 64.4.13.0/24
> add deny tcp from 10.0.0.13/32 to any 80
> add deny tcp from 10.0.0.7/32 to any 80
> add deny tcp from 10.0.0.11/32 to any 80
> add allow all from any to any
> add allow udp from oip to any out via oif keep-state
> add allow udp from oip to any in via oif keep-state
> add allow icmp from any to any via rl0
> add allow icmp from any to any via rl1
>
>
>
> FAKAT BU AŢAĐIDAKÝ GÝBÝ OLURSA ÇALIŢIYOR. BUNUN NEDENÝ NE LABÝLÝR
> NERDE HATA YAPMIŢ OLABÝLÝRÝM.
>
> #define oif rl0
> #define oip 1.2.3.4
> #define onet 1.2.3.4:255.255.255.248
> #define iif1 rl1
> #define iip1 10.0.0.254
> #define inet1 10.0.0.0/24
> add divert natd all from any to any via oif
> add allow tcp from any to any established
> add allow all from any to any frag
> add allow tcp from any to any 25
> add allow tcp from any 25 to any
> add allow tcp from any to any 110
> add allow tcp from any 110 to any
> add allow udp from any to any 53 via rl0
> add allow udp from any 53 to any via rl0
> add allow udp from any to any 53 via rl1
> add allow udp from any 53 to any via rl1
> add allow all from any to any
> add allow udp from oip to any out via oif keep-state
> add allow udp from oip to any in via oif keep-state
> add allow icmp from any to any via rl0
> add allow icmp from any to any via rl1
>
>
>
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
>

---------------------------------------------------------------------
Cikmak icin, e-mail: [EMAIL PROTECTED]
Liste arsivi: http://lists.enderunix.org
Turkiye'nin ilk FreeBSD kitabi: http://www.acikakademi.com/freebsd.php

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com

Re: [FreeBSD] ipfw kurallarým çalýţmýyor yardým

Cevap