ipf.rules
2009-05-13 15:26:01来源:未知 阅读 ()
这是一个很简单的网络环境,一个ip地址,一个宿舍都使用这个ip通过一个路由器上网,
配置文件份几个部分:
1.先允许本地回路lo0自由进出,这是必须的,某些程序需要通过这种方式通信。
2.打开自己需要的端口和协议。
3.记录需要的信息,用来网络有异常时看看有没有什么不对的。
4.阻止其他一切网络通信。
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!不保证该规则好使!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
################################################################################
# No restrictions on Loopback Interface.
# for in
pass in quick on lo0 all
# for out
pass out quick on lo0 all
################################################################################
# Allow traffic in from ISP's DHCP server.
pass in quick on fxp0 proto udp from 192.168.0.1 to any port = 68 keep state
################################################################################
# Allow out access to my ISP's Domain name server.
pass out quick on fxp0 proto tcp from any to x.x.x.x port = 53 flags S keep state
pass out quick on fxp0 proto tcp from any to x.x.x.x port = 53 flags S keep state
pass out quick on fxp0 proto udp from any to x.x.x.x port = 53 keep state
pass out quick on fxp0 proto udp from any to x.x.x.x port = 53 keep state
################################################################################
# Allow access to World Wide Web.
# for in
pass in quick on fxp0 proto tcp from any to any port = 80 flags S keep state
# for out
pass out quick on fxp0 proto tcp from any to any port = 80 flags S keep state
################################################################################
# Allow access to gmail, receive port is 995 and send port is 587.
# for receive e-mail
pass out quick on fxp0 proto tcp from any to any port = 995 flags S keep state
# for send e-mail
pass out quick on fxp0 proto tcp from any to any port = 587 flags S keep state
################################################################################
# Allow Internet Relay Chat.
# for in
pass in quick on fxp0 proto tcp from any to any port = 7000 flags S keep state
# for out
pass out quick on fxp0 proto tcp from any to any port = 7000 flags S keep state
################################################################################
# Allow MSN access.
# for in 443
pass in quick on fxp0 proto tcp from any to any port = 443 flags S keep state
# for out 443
pass out quick on fxp0 proto tcp from any to any port = 443 flags S keep state
# for in 1863
pass in quick on fxp0 proto tcp from any to any port = 1863 flags S keep state
标签:
版权申明:本站文章部分自网络,如有侵权,请联系:west999com@outlook.com
特别注意:本站所有转载文章言论不代表本站观点,本站所提供的摄影照片,插画,设计作品,如需使用,请与原作者联系,版权归原作者所有
- Freebsd oracle 10g 2009-05-13
- KDE/FreeBSD 测试 QT-4.5.1. 2009-05-13
- OpenBSD 4.5下安装Gnome 2.24成功! 2009-05-13
- OpenBSD 4.5 2009-05-13
- DragonFly BSD 2.2.1发布 2009-05-13
IDC资讯: 主机资讯 注册资讯 托管资讯 vps资讯 网站建设
网站运营: 建站经验 策划盈利 搜索优化 网站推广 免费资源
网络编程: Asp.Net编程 Asp编程 Php编程 Xml编程 Access Mssql Mysql 其它
服务器技术: Web服务器 Ftp服务器 Mail服务器 Dns服务器 安全防护
软件技巧: 其它软件 Word Excel Powerpoint Ghost Vista QQ空间 QQ FlashGet 迅雷
网页制作: FrontPages Dreamweaver Javascript css photoshop fireworks Flash
