podivne zpomaleni provozu s firewallem PF -OT

Jaroslav Votruba jaroslav.votruba at keytec.cz
Fri Jan 4 12:05:12 CET 2008


>> Line 110: bad command 
>> `badguys="192.168.0.0/24{11,34,49,61,73,86,101,102,105,114,119,121,125,144,203,222,149}"' 
>>     
>
> 	Chybova hlaska naznacuje, ze realny text te radky neodpovida "vyse 
> uvedene volbe". Takze jak presne vypada radek 110 (a nejlepe i radek nad 
> a pod) ve scriptu ?
>
> 	A, jeste pro jistotu, jak presne ten script spoustis ?
>
> 						Dan
>   

spouštím ho
ipfw -f flush && ipfw /etc/rc.firewall.rules

ted koukam, jestli nemuze delat bordel to ze jsem neuved cislo pravidla


add 330 allow all from any to 85.xxx.xxx.xx
add 331 allow all from 85.xxx.xxx.xx to any


#goodguys="{ 10.1.2.0/24{20,35,66,18} or 10.2.3.0/28{6,3,11} }"
badguys="192.168.0.0/24{11,34,49,61,73,86,101,102,105,114,119,121,125,144,203,222,149}"

#ipfw add allow ip from ${goodguys} to any
add deny ip from ${badguys} to any dst-port 53
add deny ip from ${badguys} to any dst-port 80

#Zakaz portu 25 pro stanice

add 2000 deny log ip from 192.168.0.0/24 not to me dst-port 25



>
>   


More information about the Users-l mailing list