é possível definir ainda: table <ssh_hosts> persist # aqui vc add os hosts que PODEM entrar, nao os servers. block on $ext_if proto tcp from any to any port 22 pass quick in on $ext_if proto tcp from <ssh_hosts> to any port 22
pfctl -t ssh_hosts -T add $IP pfctl -t ssh_hosts -T delete $IP Att, RS On 10/26/06, Aristeu Gil Alves Jr <[EMAIL PROTECTED]> wrote: > Use anchors (http://www.openbsd.org/faq/pf/anchors.html). > > Ex do site: > "ext_if = "fxp0" > > block on $ext_if all > pass out on $ext_if all keep state > anchor ssh in on $ext_if proto tcp from any to any port 22" > > # echo "pass in from 192.0.2.10 to any" | pfctl -a ssh -f - > > -- > Aristeu Gil Alves Jr > ------------------------- > Histórico: http://www.fug.com.br/historico/html/freebsd/ > Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd > -- Att, Rogério Schneider +55 (55) 9985 2127 +55 (55) 3332 5923 +55 (55) 3333 8158 +55 (55) 3321 1535 MSN: [EMAIL PROTECTED] ICQ: 78778973 GTalk: [EMAIL PROTECTED] Skype: stockrt ------------------------- Histórico: http://www.fug.com.br/historico/html/freebsd/ Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
