Şimdide şu hatayı veriyor hocam, ...
ext_if="le0"
ext_ip="{10.0.0.19 , 10.0.0.20 }"
scrub in all
pass quick on lo0 keep state
pass in quick on $ext_if inet proto tcp from any to $ext_ip port {22, 80,
21} keep state flags S/SA
pass in quick on $ext_if inet proto tcp from any to $ext_ip port = 53 keep
state flags S/SA
pass in quick on $ext_if inet proto udp from any to $ext_ip port = 53 keep
state
pass out log on $ext_if inet proto tcp from ($ext_if) port > 1023 \ to any
port ftp modulate state
pass out log on $ext_if inet proto tcp from ($ext_if) port > 1023 \ to any
port > 1023 modulate state
pass in log on $ext_if inet proto tcp from ($ext_if) port > 1023 \ to any
port > 1023 modulate state
nat-anchor "ftp-proxy/*"
rdr-anchor "ftp-proxy/*"
rdr on $ext_if proto tcp from any to any port 21 -> 127.0.0.1 \ port 8021
pass in on $ext_if proto tcp from any to any port 21 keep state
pass in on $ext_if proto tcp from any to any port > 49151 \ keep state
pass out quick on $ext_if inet proto tcp all modulate state flags S/SA
pass out quick on $ext_if inet proto { udp, icmp } all keep state
block in quick all
block out quick all
*************************************
[EMAIL PROTECTED] ~]# pfctl -f /etc/pf.conf
/etc/pf.conf:17: Rules must be in order: options, normalization, queueing,
translation, filtering
/etc/pf.conf:18: Rules must be in order: options, normalization, queueing,
translation, filtering
/etc/pf.conf:19: Rules must be in order: options, normalization, queueing,
translation, filtering
pfctl: Syntax error in config file: pf rules not loaded
[EMAIL PROTECTED] ~]#
