dariusii
Silver Member | Редактировать | Профиль | Сообщение | Цитировать | Сообщить модератору -f flush add allow all from any to any via lo* add check-state #dhcp add allow udp from any 67,68 to any 67,68 keep-state add allow 47 from any to any add allow all from me to any keep-state add allow tcp from any 1024-65535 to me 21 setup keep-state #ftp add allow tcp from any 1024-65535 to me 49152-65534 keep-state #Bittorent add allow tcp from any to me 6881-6889 keep-state add allow tcp from any to me 49150 keep-state add allow tcp from any to me 49150 keep-state #dc++ add allow tcp from any to me 1412 keep-state add allow udp from any to me 2896 keep-state #icmp add allow icmp from me to any keep-state #time add allow udp from me 123 to any 123 keep-state # add prob 0.05 deny ip from any to any in # add drop log all from any to any добавил запись "gre 47 GRE" в C:\WINDOWS\system32\drivers\etc\protocol порядок номеров протоколов имеет место быть. ip 0 IP # Internet protocol icmp 1 ICMP # Internet control message protocol ggp 3 GGP # Gateway-gateway protocol tcp 6 TCP # Transmission control protocol egp 8 EGP # Exterior gateway protocol pup 12 PUP # PARC universal packet protocol udp 17 UDP # User datagram protocol hmp 20 HMP # Host monitoring protocol xns-idp 22 XNS-IDP # Xerox NS IDP rdp 27 RDP # "reliable datagram" protocol gre 47 GRE rvd 66 RVD # MIT remote virtual disk ############ должно быть: D:\home\dariusii>ipfw -ad list 00100 7376 215656 allow ip from any to any via lo* 00200 0 0 check-state 00300 0 0 deny log ip from any to {......скрыт ip адрес} 00400 8 2692 allow udp from any 67,68 to any 67,68 keep-state 00500 8259 6253853 allow gre from any to any 00600 7631 5896876 allow ip from me to any keep-state 00700 0 0 allow tcp from any 1024-65535 to me 21 keep-state setup 00800 0 0 allow tcp from any 1024-65535 to me 49152-65534 keep-state 00900 0 0 allow tcp from any to me 6881-6889 keep-state 01000 0 0 allow tcp from any to me 49150 keep-state 01100 0 0 allow tcp from any to me 49150 keep-state 01200 0 0 allow tcp from any to me 1412 keep-state 01300 0 0 allow udp from any to me 2896 keep-state 01400 0 0 allow icmp from me to any keep-state 01500 0 0 allow udp from me 123 to any 123 keep-state 01600 3 1480 prob 0.050000 deny ip from any to any in 01700 65 39628 deny log ip from any to any 65535 1 33 deny ip from any to any ## Dynamic rules: ... {здесь появятся динамически созданные правила} подробности http://wipfw.sourceforge.net/doc-ru.html | Всего записей: 2458 | Зарегистр. 08-11-2003 | Отправлено: 19:22 11-11-2006 | Исправлено: dariusii, 20:31 11-11-2006 |
|