Nazdar, pokusal som sa experimentovat s pravidlami IPFiltera a stvoril ipf.conf v zavere mailu. Vsetko funguje viac-menej podla mojich predstav, akurat po aplikovani pravidiel mi na serveri nefunguje preklad IP na hostname a spat.
Postrcite ma trosku, ze kde mam chybu? Presiel som dokumentaciu, ale nic som nenasiel. Dakujem. block in log quick all with ipopts block in log quick proto tcp all with short # pass in quick on lo0 all pass out quick on lo0 all # block in on rl0 all head 100 # block in log quick from 224.0.0.0/3 to any group 100 # block in log quick from 127.0.0.0/8 to any group 100 block in log quick from any to 127.0.0.0/8 group 100 # block in log quick from 10.0.0.0/8 to any group 100 block in log quick from 172.16.0.0/12 to any group 100 block in log quick from 192.168.0.0/16 to any group 100 # block in log quick from 158.193.60.109/32 to any group 100 # pass in quick proto tcp from any to any port = http keep state group 100 pass in quick proto tcp from any to any port = smtp keep state group 100 pass in quick proto tcp from any to any port = ssh keep state group 100 # #block return-rst in log proto tcp from any to any flags S/SA group 100 #block return-icmp(net-unr) in proto udp all group 100 # pass out on rl0 all head 200 block out log quick from 127.0.0.0/8 to any group 200 block out log quick from any to 127.0.0.0/8 group 200 # block out log quick from any to 158.193.60.109/32 group 200 -- FreeBSD mailing list (users-l@freebsd.cz) http://www.freebsd.cz/listserv/listinfo/users-l