block out quick on em1 all group 1
#----------------------------------------------------------------
# Allow in all TCP, UDP, and ICMP traffic & keep state
# (new SSH connections to port 22 only from 10.0.40.0/24)
#----------------------------------------------------------------
pass in quick on em1 all head 2
pass in quick on em1 proto tcp from 10.0.40.0/24 to any port = 22 flags S keep state group 2
block in quick on em1 proto tcp from any to any port = 22 flags S keep state group 2
pass in quick on em1 proto tcp from any to any keep state group 2
pass in quick on em1 proto udp from any to any keep state group 2
pass in quick on em1 proto icmp from any to any keep state group 2
block in quick on em1 all group 2
#################################################################
# Outside Interface
#################################################################
#----------------------------------------------------------------
# Block out all traffic to private addresses
#----------------------------------------------------------------
block out quick on em0 all head 11
block out quick on em0 from any to 192.168.0.0/16 group 11
block out quick on em0 from any to 172.16.0.0/12 group 11
block out quick on em0 from any to 10.0.0.0/8 group 11
block out quick on em0 from any to 127.0.0.0/8 group 11
block out quick on em0 from any to 0.0.0.0/8 group 11
block out quick on em0 from any to 169.254.0.0/16 group 11
block out quick on em0 from any to 192.0.2.0/24 group 11
block out quick on em0 from any to 204.152.64.0/23 group 11
block out quick on em0 from any to 224.0.0.0/3 group 11
block out quick on em0 from any to 20.20.20.0/24 group 11
#----------------------------------------------------------------
# Allow out all TCP, UDP, and ICMP traffic & keep state on it
