[FUGSPBR] (no subject)

marcela em informacao.srv.br marcela em informacao.srv.br
Ter Nov 16 16:26:37 BRST 2004 

Estou configurando meu pf.conf, num OpenBSD 3.5.

Embora tudo aparente correr bem, o redirecionamento de portas não
funciona. Não sei mais qual pode ser o motivo.

Gostaria de uma ajuda.

Segue pf.conf para análise.

Att. Marcela.

#       $OpenBSD: pf.conf,v 1.27 2004/03/02 20:13:55 cedric Exp $
#
# See pf.conf(5) and /usr/share/pf for syntax and examples.

#VARIABLES
EXT = "rl0"
INT = "fxp0"

canguru = "192.168.0.251"
srvmentor = "192.168.0.252"

#scrub in
scrub in all

#NAT and redirecton rules
nat on $EXT inet from $INT to any -> ($EXT)

#HTTP redirections
rdr on $INT proto tcp from any to any port 80 -> 127.0.0.1 port 3128

#pop, smtp, imap4
rdr pass on $EXT proto tcp from any to any port 110 -> $canguru rdr pass
on $EXT proto tcp from any to any port 25 -> $canguru rdr pass on $EXT
proto tcp from any to any port 143 -> $canguru

#pptp
rdr pass on $EXT proto tcp from any to any port 47 -> $srvmentor port 47
rdr pass on $EXT proto udp from any to any port 47 -> $srvmentor port 47

#site rdr pass on $EXT proto tcp from any to any port 80 -> $canguru port
5081

#ssl
rdr pass on $EXT proto tcp from any to any port 443 ->192.168.0.252 port 443

#aplicacção
rdr pass on $EXT proto  tcp from any to any port 5080 -> $canguru port
5080 rdr pass on $EXT proto tcp from any to any port 5080 -> $canguru port
5080

#SSH access is free, by port 22
pass in log quick on $EXT inet proto tcp from any to any port 22 flags
S/SA keep state pass in log quick on $EXT inet proto udp from any to any
port 22 keep state

#Filter Rules
block in log all

#Block ICMP
#block in proto icmp all

#Pass traffic to/from internal network

pass in quick on $INT all keep state
pass out quick on $INT all keep state


#Pass trafic to/from external network

pass in quick on $EXT proto tcp from any to any port 143 keep state pass
in quick on $EXT proto udp from any to any port 143 keep state pass in
quick on $EXT proto tcp from any to any  port 53 flags S/SA pass in quick
on $EXT  proto udp from any to any  port 53


#Permit outgoing on $EXT
pass out quick on $EXT all keep state

block out log all
pass in log quick on lo0 all
pass out log quick on lo0 all



_______________________________________________________________
Para enviar um novo email para a lista: fugspbr em fugspbr.org
Sair da Lista: http://lists.fugspbr.org/listinfo.cgi
Historico: http://www4.fugspbr.org/lista/html/FUG-BR/

Mais detalhes sobre a lista de discussão freebsd