| Current Path : /etc/ |
FreeBSD hs32.drive.ne.jp 9.1-RELEASE FreeBSD 9.1-RELEASE #1: Wed Jan 14 12:18:08 JST 2015 root@hs32.drive.ne.jp:/sys/amd64/compile/hs32 amd64 |
| Current File : //etc/ipfw.conf |
# # ipfw.conf # ipfw add allow ip from any to any via lo0 ipfw add deny ip from any to 127.0.0.0/8 ipfw add deny ip from 127.0.0.0/8 to any # # LAN # ipfw add allow ip from 10.10.0.0/16 to me ipfw add allow ip from me to 10.10.0.0/16 ipfw add allow ip from 10.10.0.0/16 to 10.10.0.0/16 # # established TCP connection # ipfw add allow tcp from any to any established # # fragments # ipfw add allow ip from any to any frag # # from LAN to Internet # ipfw add allow tcp from 10.10.0.0/16 to any setup ipfw add allow tcp from me to any setup # # UDP # ipfw add allow udp from any to any 53 ipfw add allow udp from any 53 to any ipfw add allow udp from any 123 to any 123 keep-state ipfw add deny udp from any to me 123 #ipfw add allow udp from any to any 161 #ipfw add allow udp from any 161 to any # # UDP traceroute # ipfw add allow udp from any 32768-65535 to any 33434-33523 # # TCP # ipfw add allow tcp from any to me 20 ipfw add allow tcp from any to me 21 ipfw add allow tcp from any to me 22 ipfw add allow tcp from any to me 25 #ipfw add allow tcp from any to me 53 ipfw add allow tcp from any to me 80 ipfw add allow tcp from any to me 110 ipfw add allow tcp from any to me 443 ipfw add allow tcp from any to me 465 ipfw add allow tcp from any to me 587 ipfw add allow tcp from any to me 995 ipfw add allow tcp from any to me 50000-51000 keep-state # # ICMP # ipfw add allow icmp from any to any # # GRE # #ipfw add allow gre from any to any # # deny all with logging # ipfw add deny log ip from any to any