[FUG-BR] check-state sempre fica em zero?
Bandeira
gnu.groups em gmail.com
Sábado Novembro 15 19:42:35 BRST 2008
Ta certo isso?
sh-3.2# ipfw show
00010 0 0 check-state
00070 12282 585485 divert 17779 tcp from any to any out xmit en*
tcpflags ack iplen 0-70
00070 30750 1476000 divert 17779 tcp from any to any setup out xmit en*
00070 2 168 divert 17779 icmp from any to any out xmit en*
00070 0 0 divert 17779 tcp from any to any dst-port 53 out
xmit en*
00070 3924 259795 divert 17779 udp from any to any dst-port 53 out
xmit en*
00070 14 15918 divert 17778 tcp from any to any dst-port 80 out
xmit en*
00070 0 0 divert 17778 tcp from any to any dst-port 443 out
xmit en*
00070 0 0 divert 17778 tcp from any to any dst-port 3130 out
xmit en*
00070 0 0 divert 17778 tcp from any to any dst-port 8080 out
xmit en*
00070 0 0 divert 17778 tcp from any to any dst-port 8118 out
xmit en*
00070 0 0 divert 17778 tcp from any to any dst-port 9001 out
xmit en*
00070 0 0 divert 17778 tcp from any to any dst-port 9030 out
xmit en*
00070 0 0 divert 17779 tcp from any to any dst-port 9050 out
xmit en*
00070 0 0 divert 17778 tcp from any to any dst-port 9051 out
xmit en*
00070 0 0 divert 17779 tcp from any to any dst-port 22 out
xmit en*
00070 0 0 divert 17779 tcp from any to any dst-port 2222 out
xmit en*
00070 0 0 divert 17778 tcp from any to any dst-port 143 out
xmit en*
00070 0 0 divert 17778 tcp from any to any dst-port 21 out
xmit en*
00070 0 0 divert 17778 tcp from any to any dst-port 1863 out
xmit en*
00070 0 0 divert 17778 tcp from any to any dst-port 6667 out
xmit en*
00070 0 0 divert 17778 tcp from any to any dst-port 6668 out
xmit en*
00070 0 0 divert 17778 tcp from any to any dst-port 9999 out
xmit en*
00070 0 0 divert 17778 tcp from any to any dst-port 16732 out
xmit en*
00070 43682 4114082 divert 17777 ip from any to any out xmit en*
00100 46215 2342135 allow ip from any to any via lo*
00700 9518299 4523981300 allow tcp from any to any out keep-state
00710 406628 47277854 allow udp from any to any out keep-state
00720 24 2016 allow icmp from any to any out keep-state
00800 5681 1018140 deny tcp from any to any established
03000 28932 2100325 allow udp from any to any dst-port
53,5353,16000,32000,32003,32715,51413
03001 23570 1238192 allow tcp from any to any dst-port
53,5353,16000,32000,32003,32715,51413
03002 5 315 allow udp from any
53,5353,16000,32000,32003,32715,51413 to any
03003 0 0 allow tcp from any
53,5353,16000,32000,32003,32715,51413 to any
03010 663 51359 allow icmp from any to any icmptypes 4,11
03012 0 0 deny icmp from any to me in icmptypes 8
03013 0 0 deny icmp from any to any out icmptypes 8
04000 96 74347 deny ip from any to any frag
04001 0 0 deny ip from 127.0.0.0/8 to any in
04101 0 0 deny ip from any to 127.0.0.0/8 in
04201 0 0 deny ip from 224.0.0.0/3 to any in
04301 0 0 deny tcp from any to 224.0.0.0/3 in
04801 0 0 deny ip from any to any ipoptions rr
04901 0 0 deny ip from any to any ipoptions ts
05001 0 0 deny ip from any to any ipoptions lsrr
05101 0 0 deny ip from any to any ipoptions ssrr
05301 0 0 deny tcp from any to any tcpflags syn,fin
05311 0 0 deny tcp from any to any tcpflags syn,rst
05321 0 0 deny tcp from any 0,3,5 to any
05331 0 0 deny tcp from any to any dst-port 0,3,5
05341 0 0 deny udp from any 0,3,5 to any
05351 0 0 deny udp from any to any dst-port 0,3,5
05371 0 0 deny ip from 0.0.0.0/8 to any
65534 3140 252909 deny ip from any to any
65535 0 0 allow ip from any to any
Mais detalhes sobre a lista de discussão freebsd