真不好意思,因為我在設定機器
沒想到一設以後重開我就連不上了
想請問一下這樣設有沒有問題
IPF="ipfw -q add"
ipfw -q -f flush
#loopback
$IPF 10 allow all from any to any via lo0
$IPF 20 deny all from any to 127.0.0.0/8
$IPF 30 deny all from 127.0.0.0/8 to any
$IPF 40 deny tcp from any to any frag
# statefull
#$IPF 50 check-state
#$IPF 60 allow tcp from any to any established
#$IPF 70 allow all from any to any out keep-state
#[ssh]
$IPF 130 allow tcp from any to $OIP 22 setup
#[send mail]
$IPF 130 allow tcp from $OIP to any 25 setup
#[http]
$IPF 140 allow tcp from any to $OIP 80 setup
#[ssl]
$IPF 160 allow tcp from any to $OIP 443 setup
# Allow Normal icmp
$IPF pass allow from any to any icmptype 3
$IPF pass allow from any to any icmptype 4
$IPF pass allow from any to any icmptype 11
$IPF 190 deny tcp from any to any in setup
$IPF 200 allow tcp from any to any setup
#Allow NTP queries out in the world
$IPF 210 allow udp from ${OIP} to any 123
# deny and log everything
$IPF 500 deny log all from any to any
$OIP 是我那張網卡的ip..
想請問是否有什麼問題..已經連不上了orz..謝謝
--
沒想到一設以後重開我就連不上了
想請問一下這樣設有沒有問題
IPF="ipfw -q add"
ipfw -q -f flush
#loopback
$IPF 10 allow all from any to any via lo0
$IPF 20 deny all from any to 127.0.0.0/8
$IPF 30 deny all from 127.0.0.0/8 to any
$IPF 40 deny tcp from any to any frag
# statefull
#$IPF 50 check-state
#$IPF 60 allow tcp from any to any established
#$IPF 70 allow all from any to any out keep-state
#[ssh]
$IPF 130 allow tcp from any to $OIP 22 setup
#[send mail]
$IPF 130 allow tcp from $OIP to any 25 setup
#[http]
$IPF 140 allow tcp from any to $OIP 80 setup
#[ssl]
$IPF 160 allow tcp from any to $OIP 443 setup
# Allow Normal icmp
$IPF pass allow from any to any icmptype 3
$IPF pass allow from any to any icmptype 4
$IPF pass allow from any to any icmptype 11
$IPF 190 deny tcp from any to any in setup
$IPF 200 allow tcp from any to any setup
#Allow NTP queries out in the world
$IPF 210 allow udp from ${OIP} to any 123
# deny and log everything
$IPF 500 deny log all from any to any
$OIP 是我那張網卡的ip..
想請問是否有什麼問題..已經連不上了orz..謝謝
--
All Comments