# so that it's allowed back in.
#----------------------------------------------------------------
pass out quick on em0 proto tcp from any to any keep state group 11
pass out quick on em0 proto udp from any to any keep state group 11
pass out quick on em0 proto icmp from any to any keep state group 11
block out quick on em0 all group 11
#----------------------------------------------------------------
# Block all inbound traffic from private and reserved addresses
#----------------------------------------------------------------
block in quick on em0 all head 12
block in quick on em0 from 192.168.0.0/16 to any group 12
block in quick on em0 from 172.16.0.0/12 to any group 12
block in quick on em0 from 10.0.0.0/8 to any group 12
block in quick on em0 from 127.0.0.0/8 to any group 12
block in quick on em0 from 0.0.0.0/8 to any group 12
block in quick on em0 from 169.254.0.0/16 to any group 12
block in quick on em0 from 192.0.2.0/24 to any group 12
block in quick on em0 from 204.152.64.0/23 to any group 12
block in quick on em0 from 224.0.0.0/3 to any group 12
block in quick on em0 from 20.20.20.0/24 to any group 12
#----------------------------------------------------------------
# Block all remaining traffic coming into the firewall
#----------------------------------------------------------------
pass in quick on em0 proto tcp from any to any port = 80 flags S keep state group 12
block in quick on em0 all group 12
#############The END############################################
5: My ipnat.conf file:
######################ipnat.conf###########################################
map em0 10.0.40.0/24 -> a.b.c.d/32 proxy port ftp ftp/tcp
map em0 10.0.40.0/24 -> a.b.c.d/32 portmap tcp/udp 1025:65500
map em0 10.0.40.0/24 -> a.b.c.d/32
