> >> /*server# ipfw show*/ > >> 00100 335 32750 allow ip from any to any > >> 00200 0 0 divert 8668 ip from any to any via rl0 > >> 65535 0 0 deny ip from any to any
Ola! Experimenta substituir seu rc.firewall por isso: #!/bin/sh # Variaveis do Script fwcmd="/sbin/ipfw -q" # Comando do IPFW ife="xl0" # Interface Externa GATEWAY ifi="fxp0" # Interface Interna GATEWAY ipe="200.XXX.YYY.ZZZ" # IP Externo neti="192.168.254.0/24" # Rede Interna # Flush All $fwcmd -f flush # Router # [100] $fwcmd add 100 allow udp from any 520 to any 520 via any # NATd # [700] $fwcmd add 705 divert 8668 all from $neti to any via $ife out $fwcmd add 710 divert 8668 all from any to $ipe via $ife in # DNS # [1100] $fwcmd add 1105 allow udp from any 53 to any 53 $fwcmd add 1110 allow udp from any 1023-65535 to any 53 $fwcmd add 1115 allow udp from any 53 to any 1023-65535 $fwcmd add 1120 allow udp from any 53 to any 137 $fwcmd add 1125 allow udp from any 137 to any 53 # Libera o resto limitado # [65001] $fwcmd pipe 200 config bw 250Kbit/s queue 8KBytes $fwcmd add 66000 pipe 200 all from any to any $fwcmd add 66001 allow all from any to any -- .-- -.----------- ..- ----.----- Alexandre Donisete = www.aledon.org -- Sistema correio eletrônico acadêmico DEP/UFSCar _______________________________________________ Freebsd mailing list Freebsd@fug.com.br http://mail.fug.com.br/mailman/listinfo/freebsd_fug.com.br
