Date: Thu, 4 Nov 2004 00:01:45 +0100 From: Michael Knudsen <none@e--molioner.dk.lh.bsd-dk.dk> To: bsd-dk@bsd-dk.dk Subject: Re: pf og pass
Quoting Tue Topholm (tt@device.dk):
> Så må den vil se sådan her ud.
Ikke helt ved siden af, nej, men vaen dig til at bruge makroer, saa du
ikke skal rette 2000 linier, naar en server skifter IP:
web="1.2.3.4"
mail="2.3.4.5"
Soerg ogsaa for at skrive ``port ssh'' i stedet for ``port 22'' -- det
goer det ogsaa lettere at laese regelsaettet.
> Mail:
> Pass in proto tcp from any to 2.3.4.5 port = 25 flags S/SA modulate state
pass in proto tcp from any to $mail port = smtp flags S/SA modulate state
> Pass in proto tcp from any to 2.3.4.5 port = 110 flags S/SA modulate state
pass in proto tcp from any to $mail port = pop3 flags S/SA modulate state
> WWW:
> pass in proto {tcp, udp} from any to 1.2.3.4 port www flags S/SA modulate
> state
Hvorfor vil du have port 80 over udp til webserveren?
pass in proto tcp from any to $web port www flags S/SA modulate state
-- Five exclamation marks, the sure sign of an insane mind. -- (Terry Pratchett, Reaper Man)
This archive was generated by hypermail 2b30 : Wed 15 Nov 2006 - 18:24:46 CET