ipfw nejde specifikovat port
Petr Spodniak
pspodniak at broadnet.cz
Thu Sep 11 13:43:00 CEST 2003
V čt, 11. 09. 2003 v 13:09, Josef Varilek píše:
> Dobry den,
>
>
> Mozna je to otazka z neznalosti nejake zakladni problematiky,
> ale uz nechapu to:
>
> kdyz pridam do ipfw pravidla:
>
> ipfw add allow tcp from any to 192.168.0.2
>
> a
>
> ipfw add allow tcp from 192.168.0.2 to any
>
> funguje vse.
>
je potreba u pravidel ktera zastavuji pakety dat logovani a podivat se
do logu (/var/log/security) - z toho by melo byt jasne co a jak.
napsal bych to jinak:
ipfw add allow tcp from 192.168.0.2 to any setup
ipfw add allow tcp from any to 192.168.0.2 25,80 setup
ipfw add allow tcp from any to any established
nebo s pouzitim dynamiky:
ipfw add allow tcp from 192.168.0.2 to any setup keep-state
ipfw add allow tcp from any to 192.168.0.2 25,80 setup keep-state
ipfw add check-state
ipfw add deny tcp from any to any established
--
Petr Spodniak <pspodniak at broadnet.cz>
More information about the Users-l
mailing list