| farlow |
17-07-2007 13:27 614639 |
насчет доходят до правила или нете, не понял, по идее должны
ipfw show
Код:
00003 0 0 deny tcp from any to any dst-port 445
00009 0 0 allow tcp from 192.168.1.253 22,25,110 to 192.168.1.0/24 via rl0
00009 0 0 allow tcp from 192.168.1.0/24 to 192.168.1.253 dst-port 22,25,110 via rl0
00010 0 0 deny tcp from any to 195.208.158.86 dst-port 21,53,143,993,995 via an0
00012 1 81 deny udp from any to 195.208.158.86 dst-port 21,53,143,993,995 via an0
00014 6 260 deny tcp from any to 195.208.158.86 dst-port 53,150,151,514,587,1812,3128,3306,7510
00016 0 0 deny udp from any to 195.208.158.86 dst-port 53,150,151,514,587,1812,3128,3306,7510
00022 0 0 deny tcp from any to 192.168.1.253 dst-port 514,587,1812,3128,3306
00024 0 0 deny udp from any to 192.168.1.253 dst-port 514,587,1812,3128,3306
00030 0 0 deny tcp from 192.168.1.0/24 to 195.208.158.86 dst-port 514,587,3128,1812,3306 via rl0
00032 0 0 deny tcp from 195.208.158.86 514,587,3128,1812,3306 to 192.168.1.0/24 via rl0
00050 1962 128091 allow ip from 192.168.1.0/24 to 192.168.1.253 via rl0
00052 1890 302448 allow ip from 192.168.1.253 to 192.168.1.0/24 via rl0
00080 990010 597693543 divert 21000 ip from any to any
00088 79619 50779969 allow tcp from 192.168.1.0/24 to 195.208.158.86 dst-port 22,25,80,110,443,8010
00089 81034 85865758 allow tcp from 195.208.158.86 22,25,80,110,443,8010 to 192.168.1.0/24
00110 54042 27709853 divert 8668 ip from 192.168.1.0/24 to any via an0
00130 204737 192690899 divert 8668 ip from any to 195.208.158.86 via an0
00135 0 0 allow tcp from any to me dst-port 1723 setup
00135 0 0 allow tcp from me to any dst-port 1723 setup
00135 0 0 allow gre from me to any
00135 0 0 allow gre from any to me
00135 0 0 allow tcp from any to any via ng*
00135 0 0 allow udp from any to any via ng*
00140 0 0 allow tcp from 80.66.79.6 to 195.208.158.86 dst-port 22,80,110,443,8010
00140 0 0 allow tcp from 195.208.158.226 to 195.208.158.86 dst-port 22,80,110,443,8010
00140 0 0 allow tcp from 193.238.129.121 to 195.208.158.86 dst-port 22,80,110,443,1723,8010
00140 0 0 allow tcp from 195.208.158.85 to 195.208.158.86 dst-port 22,80,110,443,1723,8010
00140 0 0 allow tcp from 90.189.139.212 to 195.208.158.86 dst-port 22,80,110,443,1723,8010
00140 0 0 allow tcp from 195.208.157.98 to 195.208.158.86 dst-port 80,22
00140 0 0 allow tcp from 195.208.157.99 to 195.208.158.86 dst-port 80,22
00140 0 0 allow tcp from 195.208.157.100 to 195.208.158.86 dst-port 80,22
00140 0 0 allow tcp from 195.208.157.101 to 195.208.158.86 dst-port 80,22
00140 0 0 allow tcp from 87.103.251.21 to 195.208.158.86 dst-port 22,80,110,443,8010
00140 0 0 allow icmp from 195.208.158.85 to 195.208.158.86
00142 0 0 allow tcp from 195.208.158.86 22,80,443,8010 to any
00144 0 0 deny tcp from any to 195.208.158.86 dst-port 22,80,443,1723,8010
00149 20 1034 allow tcp from 195.208.157.100 to 195.208.158.86 dst-port 22,80,110,443,8010
00150 0 0 deny tcp from not 195.208.157.100 to 195.208.158.86 dst-port 3389
00150 0 0 deny tcp from not 87.103.251.21 to 195.208.158.86 dst-port 3389
00235 3498 3015626 pipe 1 ip from any to 192.168.1.11 in
00330 74614 14236884 allow ip from any to any via lo0
00340 0 0 deny icmp from any to any frag
00350 0 0 deny ip from 195.208.158.84/30 to 192.168.1.253
00370 0 0 deny ip from 192.168.1.0/24 to 195.208.158.86
00400 0 0 allow tcp from 192.168.1.0/24 to 216.193.195.52 dst-port 80
00400 0 0 allow tcp from 192.168.1.0/24 to 69.36.233.10 dst-port 80
00500 297 56580 fwd 127.0.0.1,3128 tcp from 192.168.1.0/24 to 83.97.109.6 dst-port 80,8080
00500 253 89362 allow tcp from 83.97.109.6 to 192.168.1.0/24
00500 0 0 allow tcp from 192.168.1.0/24 to 83.97.109.6
00500 0 0 fwd 127.0.0.1,3128 tcp from 192.168.1.0/24 to 212.17.13.146 dst-port 80,8080
00500 0 0 allow tcp from 212.17.13.146 to 192.168.1.0/24
00500 0 0 allow tcp from 192.168.1.0/24 to 212.17.13.146
01059 25086 2741159 fwd 127.0.0.1,3128 tcp from 192.168.1.11 to any dst-port 80,8080
01059 43889 52985491 allow ip from any to 192.168.1.11
01059 2915 229899 allow ip from 192.168.1.11 to any
01060 0 0 fwd 127.0.0.1,3128 tcp from 192.168.1.55 to any dst-port 80,8080
01060 0 0 allow ip from any to 192.168.1.55
01060 0 0 allow ip from 192.168.1.55 to any
01061 1554 521681 fwd 127.0.0.1,3128 tcp from 192.168.1.215 to any dst-port 80,8080
01061 1824 1231530 allow ip from any to 192.168.1.215
01061 228 32685 allow ip from 192.168.1.215 to any
01062 6 288 fwd 127.0.0.1,3128 tcp from 192.168.1.214 to any dst-port 80,8080
01062 296 50638 allow ip from any to 192.168.1.214
01062 252 22467 allow ip from 192.168.1.214 to any
01063 6311 1687003 fwd 127.0.0.1,3128 tcp from 192.168.1.10 to any dst-port 80,8080
01063 17689 9243233 allow ip from any to 192.168.1.10
01063 6283 830896 allow ip from 192.168.1.10 to any
01064 0 0 fwd 127.0.0.1,3128 tcp from 192.168.1.12 to any dst-port 80,8080
01064 0 0 allow ip from any to 192.168.1.12
01064 14 3055 allow ip from 192.168.1.12 to any
01065 28 2770 fwd 127.0.0.1,3128 tcp from 192.168.1.117 to any dst-port 80,8080
01065 5690 4294574 allow ip from any to 192.168.1.117
01065 8672 893662 allow ip from 192.168.1.117 to any
01066 0 0 fwd 127.0.0.1,3128 tcp from 192.168.1.32 to any dst-port 80,8080
01066 0 0 allow ip from any to 192.168.1.32
01066 13 2977 allow ip from 192.168.1.32 to any
01067 2473 361448 fwd 127.0.0.1,3128 tcp from 192.168.1.108 to any dst-port 80,8080
01067 3811 2420237 allow ip from any to 192.168.1.108
01067 656 54196 allow ip from 192.168.1.108 to any
01068 3150 842547 fwd 127.0.0.1,3128 tcp from 192.168.1.3 to any dst-port 80,8080
01068 4017 4062323 allow ip from any to 192.168.1.3
01068 69 8305 allow ip from 192.168.1.3 to any
01069 2117 246104 fwd 127.0.0.1,3128 tcp from 192.168.1.2 to any dst-port 80,8080
01069 7668 6333134 allow ip from any to 192.168.1.2
01069 4682 1159530 allow ip from 192.168.1.2 to any
01070 81 13020 fwd 127.0.0.1,3128 tcp from 192.168.1.5 to any dst-port 80,8080
01070 129 101039 allow ip from any to 192.168.1.5
01070 55 7064 allow ip from 192.168.1.5 to any
01071 0 0 fwd 127.0.0.1,3128 tcp from 192.168.1.4 to any dst-port 80,8080
01071 0 0 allow ip from any to 192.168.1.4
01071 41 7697 allow ip from 192.168.1.4 to any
01072 0 0 fwd 127.0.0.1,3128 tcp from 192.168.1.111 to any dst-port 80,8080
01072 42 9272 allow ip from any to 192.168.1.111
01072 258 23774 allow ip from 192.168.1.111 to any
01073 405 37091 fwd 127.0.0.1,3128 tcp from 192.168.1.20 to any dst-port 80,8080
01073 1238 569469 allow ip from any to 192.168.1.20
01073 540 45454 allow ip from 192.168.1.20 to any
01074 3051 463959 fwd 127.0.0.1,3128 tcp from 192.168.1.22 to any dst-port 80,8080
01074 3693 2828652 allow ip from any to 192.168.1.22
01074 305 24306 allow ip from 192.168.1.22 to any
01075 801 102155 fwd 127.0.0.1,3128 tcp from 192.168.1.40 to any dst-port 80,8080
01075 1540 588721 allow ip from any to 192.168.1.40
01075 524 41169 allow ip from 192.168.1.40 to any
01076 0 0 fwd 127.0.0.1,3128 tcp from 192.168.1.100 to any dst-port 80,8080
01076 0 0 allow ip from any to 192.168.1.100
01076 0 0 allow ip from 192.168.1.100 to any
01077 4 168 fwd 127.0.0.1,3128 tcp from 192.168.1.122 to any dst-port 80,8080
01077 3 128 allow ip from any to 192.168.1.122
01077 314 26606 allow ip from 192.168.1.122 to any
01078 0 0 fwd 127.0.0.1,3128 tcp from 192.168.1.30 to any dst-port 80,8080
01078 0 0 allow ip from any to 192.168.1.30
01078 13 2977 allow ip from 192.168.1.30 to any
01079 0 0 fwd 127.0.0.1,3128 tcp from 192.168.1.34 to any dst-port 80,8080
01079 0 0 allow ip from any to 192.168.1.34
01079 0 0 allow ip from 192.168.1.34 to any
01080 262 22458 fwd 127.0.0.1,3128 tcp from 192.168.1.63 to any dst-port 80,8080
01080 3692 1178999 allow ip from any to 192.168.1.63
01080 1570 171630 allow ip from 192.168.1.63 to any
01081 0 0 fwd 127.0.0.1,3128 tcp from 192.168.1.232 to any dst-port 80,8080
01081 0 0 allow ip from any to 192.168.1.232
01081 21 3752 allow ip from 192.168.1.232 to any
01082 0 0 fwd 127.0.0.1,3128 tcp from 192.168.1.237 to any dst-port 80,8080
01082 0 0 allow ip from any to 192.168.1.237
01082 0 0 allow ip from 192.168.1.237 to any
01083 41058 4529364 fwd 127.0.0.1,3128 tcp from 192.168.1.13 to any dst-port 80,8080
01083 92278 56939837 allow ip from any to 192.168.1.13
01083 25962 23783792 allow ip from 192.168.1.13 to any
01084 20 1215 fwd 127.0.0.1,3128 tcp from 192.168.1.8 to any dst-port 80,8080
01084 48 39812 allow ip from any to 192.168.1.8
01084 214 23999 allow ip from 192.168.1.8 to any
01085 4 168 fwd 127.0.0.1,3128 tcp from 192.168.1.27 to any dst-port 80,8080
01085 3 128 allow ip from any to 192.168.1.27
01085 35 6951 allow ip from 192.168.1.27 to any
01086 4998 836993 fwd 127.0.0.1,3128 tcp from 192.168.1.66 to any dst-port 80,8080
01086 9909 6465783 allow ip from any to 192.168.1.66
01086 1642 243735 allow ip from 192.168.1.66 to any
01087 1061 189568 fwd 127.0.0.1,3128 tcp from 192.168.1.90 to any dst-port 80,8080
01087 15911 9981190 allow ip from any to 192.168.1.90
01087 6527 843394 allow ip from 192.168.1.90 to any
01088 0 0 fwd 127.0.0.1,3128 tcp from 192.168.1.7 to any dst-port 80,8080
01088 618 84408 allow ip from any to 192.168.1.7
01088 317 27112 allow ip from 192.168.1.7 to any
01089 1456 171347 fwd 127.0.0.1,3128 tcp from 192.168.1.64 to any dst-port 80,8080
01089 5578 3524206 allow ip from any to 192.168.1.64
01089 1889 106834 allow ip from 192.168.1.64 to any
01090 4 168 fwd 127.0.0.1,3128 tcp from 192.168.1.31 to any dst-port 80,8080
01090 717 87708 allow ip from any to 192.168.1.31
01090 365 23577 allow ip from 192.168.1.31 to any
01091 0 0 fwd 127.0.0.1,3128 tcp from 192.168.1.201 to any dst-port 80,8080
01091 0 0 allow ip from any to 192.168.1.201
01091 0 0 allow ip from 192.168.1.201 to any
01092 2033 313720 fwd 127.0.0.1,3128 tcp from 192.168.1.67 to any dst-port 80,8080
01092 4198 3313416 allow ip from any to 192.168.1.67
01092 822 108307 allow ip from 192.168.1.67 to any
59999 340 10509 deny icmp from any to 195.208.158.86
65500 155948 175728319 allow ip from any to 195.208.158.86 via an0
65510 189859 58162024 allow ip from 195.208.158.86 to any via an0
65534 15613 1281742 deny ip from any to any
65535 0 0 allow ip from any to any
ipfw pipe list
Код:
00001: 100.000 Kbit/s 0 ms 50 sl. 1 queues (1 buckets) droptail
mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000
BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp
0 tcp 205.188.153.121/5190 192.168.1.11/2076 3502 3016190 0 0 0
ipfw pipe show
Код:
00001: 100.000 Kbit/s 0 ms 50 sl. 1 queues (1 buckets) droptail
mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000
BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp
0 tcp 205.188.153.121/5190 192.168.1.11/2076 3504 3016700 0 0 0
|
