podivne zpomaleni provozu s firewallem PF -OT
Jaroslav Votruba
jaroslav.votruba at keytec.cz
Fri Jan 4 12:05:12 CET 2008
>> Line 110: bad command
>> `badguys="192.168.0.0/24{11,34,49,61,73,86,101,102,105,114,119,121,125,144,203,222,149}"'
>>
>
> Chybova hlaska naznacuje, ze realny text te radky neodpovida "vyse
> uvedene volbe". Takze jak presne vypada radek 110 (a nejlepe i radek nad
> a pod) ve scriptu ?
>
> A, jeste pro jistotu, jak presne ten script spoustis ?
>
> Dan
>
spouštím ho
ipfw -f flush && ipfw /etc/rc.firewall.rules
ted koukam, jestli nemuze delat bordel to ze jsem neuved cislo pravidla
add 330 allow all from any to 85.xxx.xxx.xx
add 331 allow all from 85.xxx.xxx.xx to any
#goodguys="{ 10.1.2.0/24{20,35,66,18} or 10.2.3.0/28{6,3,11} }"
badguys="192.168.0.0/24{11,34,49,61,73,86,101,102,105,114,119,121,125,144,203,222,149}"
#ipfw add allow ip from ${goodguys} to any
add deny ip from ${badguys} to any dst-port 53
add deny ip from ${badguys} to any dst-port 80
#Zakaz portu 25 pro stanice
add 2000 deny log ip from 192.168.0.0/24 not to me dst-port 25
>
>
More information about the Users-l
mailing list