[FUG-BR] Erro no pf.conf - queue root_dc0 already exists on interface dc0
Cristina Fernandes Silva
cristina.fsilva em yahoo.com.br
Quinta Janeiro 25 20:43:16 BRST 2007
O restante é esse.
# Fazendo o NAT
nat on $int_ext from $rede to any -> $int_ext
nat on $int_ext from <baixa> to any -> $int_ext
nat on $int_ext from <bmedia> to any -> $int_ext
nat on $int_ext from <media> to any -> $int_ext
nat on $int_ext from <alta> to any -> $int_ext
nat on $int_ext from <center> to any -> $int_int
# Redicrecionamento
#--------------------------------
rdr on $int_int proto tcp from any to any port 80 -> $server1 port 3128
# ... sessão de filtragem
# blockeando tudo por default
block in log on $int_ext from any to any
# bloqueando spoof
antispoof for { $int_ext } inet
# bloqueando scanners
block drop in quick on { $int_ext } from any os { NMAP }
# bloqueando trafego ipv6
block log quick inet6
#Liberando loopback
pass quick on lo0 all
# liberando ping/traceroute
pass out log on $int_ext inet proto icmp all icmp-type 8 code 0 keep state
pass in log on $int_ext inet proto icmp all icmp-type 8 code 0 keep state
# Liberando portas
#INCOMING
#TCP
pass in quick on $int_ext inet proto tcp from any to $int_ext port $TCP_IN flags S/SA keep state
#UDP
#pass in quick on $int_ext inet proto udp from any to $int_ext port $UDP_IN keep state
#PING
pass in quick on $int_ext inet proto icmp from any to $int_ext icmp-type $PING keep state
pass in on $int_ext inet proto { tcp udp } from any to any port 22
pass in on $int_ext inet proto { tcp udp } from any to any port 21
pass in on $int_ext inet proto { tcp udp } from any to any port 20
pass in on $int_ext inet proto { tcp udp } from any to any port 25
pass in on $int_ext inet proto { tcp udp } from any to any port 53
pass in on $int_ext inet proto { tcp udp } from any to any port 80
pass in on $int_ext inet proto { tcp udp } from any to any port 443
pass in on $int_ext inet proto { tcp udp } from any to any port 110
pass in on $int_ext inet proto { tcp udp } from any to any port 8080
pass in on $int_ext inet proto { tcp udp } from any to any port 6667
pass in on $int_ext inet proto { tcp udp } from any to any port 6891
pass in on $int_ext inet proto { tcp udp } from any to any port 6893
pass in on $int_ext inet proto { tcp udp } from any to any port 6900
pass in on $int_ext inet proto { tcp udp } from any to any port 1213
pass in on $int_ext inet proto { tcp udp } from any to any port 1214
pass in on $int_ext inet proto { tcp udp } from any to any port 1832
pass in on $int_ext inet proto { tcp udp } from any to any port 3094
pass in on $int_ext inet proto { tcp udp } from any to any port 3622
pass in on $int_ext inet proto { tcp udp } from any to any port 2216
pass in on $int_ext inet proto tcp from port 20 to ($int_ext) user proxy flags S/SA keep state
#OUTGOING
#EXTERNAL INTERFACE
#TCP
pass out quick on $int_ext inet proto tcp from $int_ext to any port $TCP_OUT flags S/SA keep
state
#UDP
pass out quick on $int_ext inet proto udp from $int_ext to any port $UDP_OUT keep state
#ICMP
pass out quick on $int_ext inet proto icmp from $int_ext to any icmp-type $PING keep state
# Liberando acesso
pass in log on $int_ext from <baixa> to any queue baixa_in
pass in log on $int_ext from <bmedia> to any queue bmedia_in
pass in log on $int_ext from <media> to any queue media_in
pass in log on $int_ext from <alta> to any queue alta_in
pass in log on $int_ext from <center> to any queue center_in
pass in log on $int_ext from <baixa> to any
pass in log on $int_ext from <bmedia> to any
pass in log on $int_ext from <media> to any
pass in log on $int_ext from <alta> to any
pass in log on $int_ext from <center> to any
Obrigada
Cristina
__________________________________________________
Fale com seus amigos de graça com o novo Yahoo! Messenger
http://br.messenger.yahoo.com/
Mais detalhes sobre a lista de discussão freebsd