wiki:freebsd:ipfw
Это старая версия документа!
Настройка ipfw на сервере FreeBSD.
- ipfw.sh
#!/usr/local/bin/bash cmd="/sbin/ipfw -q" $cmd -f flush # Интерфейс, на котором слушаем WAN="igb0" IP="51.51.51.51" # IP, на который будем пробрасывать порты ToIP="163.33.33.3" # LIM="30" $cmd enable one_pass $cmd add allow all from any to any via lo0 $cmd add deny all from any to 127.0.0.0/8 $cmd add deny all from 127.0.0.0/8 to any $cmd add deny all from any to any frag #$cmd add check-state #$cmd add allow tcp from any to any established #$cmd add allow all from any to any out keep-state # table admin $cmd table admin create missing $cmd table admin add 46.160.11.11 $cmd table admin add 109.111.64.0/19 # ssh to admin $cmd add allow ip from "table(admin)" to me 22 # table bad boys $cmd table badb create missing $cmd add deny ip from "table(badb)" to me # dns DNS="8.8.8.8,1.1.1.1" $cmd add allow udp from ${DNS} to ${IP} in via ${WAN} $cmd add allow udp from ${IP} to ${DNS} out via ${WAN} # HTTP && HTTPS #$cmd add allow tcp from any to me 443 in limit src-addr 80 #$cmd add allow tcp from any to me 80 in limit src-addr 80
wiki/freebsd/ipfw.1680602900.txt.gz · Последнее изменение: 2023/04/04 13:08 — Diman