Re: Obmedzenie portu 3306 cez firewall PF

Marián Černý Sun, 06 Jun 2021 03:19:19 -0700

Frantisek Hennel wrote:
> 
> Dakujem za pomoc, ale nefunguje mi to.
> 
> pass in quick on $ext_if from 10.1.1.0/24 to ($ext_if) port 3306
> /etc/pf.conf:4: port only applies to tcp/udp


Sorry, chýba tam "proto tcp”.

pass in quick on $ext_if proto tcp from 10.1.1.0/24 to ($ext_if) port 3306
block drop in log (all) quick on $ext_if proto tcp from any to ($ext_if) port 
3306

Alebo v jednom pravidle, ako to písal schrodinger:

block drop in log (all) quick on $ext_if proto tcp from ! 10.1.1.0/24 to 
($ext_if) port 3306

(alebo zjednodušene:)

block in log quick on $ext_if proto tcp from ! 10.1.1.0/24 to any port 3306

Marián
-- 
FreeBSD mailing list (users-l@freebsd.cz)
http://www.freebsd.cz/listserv/listinfo/users-l

Re: Obmedzenie portu 3306 cez firewall PF

Odpovedet emailem