当前位置：首页 → 问答吧 → ipf分组问题这样对吗？大家帮我看看呀

ipf分组问题这样对吗？大家帮我看看呀

时间：2005-08-07

来源：互联网

ipf分组问题

例
10.0.0.1
10.0.0.5
10.0.0.4
为一组
可以出外网

10.0.0.2
10.0.0.8
可以对外发送邮件

10.0.0.7
10.0.0.6
外网关闭

＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃
ipf有规则可以分组吗
比如
pass ............
10.0.0.1
10.0.0.5
10.0.0.4

pass 25 110
block any
10.0.0.2
10.0.0.8

block any

10.0.0.7
10.0.0.6

有这样的分组规则吗？

作者: cls 发布时间: 2005-08-07

这样对吗？大家帮我看看呀

block in quick all with short
block in quick all with ipopts
block in log quick all with short
block in log quick all with ipopts
block in log quick all with opt lsrr
block in log quick all with opt ssrr
pass in quick on lo0 all
pass out quick on lo0 all
pass in quick on vr0 all
pass out quick on vr0 all
#####################################################################
block in quick on vr1 all head 10
#####
pass in quick on vr1 proto tcp/udp from 192.168.0.10/32 to any port = 53 keep state group 10
pass in quick on vr1 proto tcp/udp from 192.168.0.10/32 to any port = 80 keep state group 10
pass in quick on vr1 proto tcp/udp from 192.168.0.10/32 to any port = 22 keep state group 10
#####
#####
pass in quick on vr1 proto tcp/udp from 192.168.0.20/32 to any port = 53 keep state group 10
pass in quick on vr1 proto tcp/udp from 192.168.0.20/32 to any port = 21 keep state group 10
pass in quick on vr1 proto tcp/udp from 192.168.0.20/32 to any port = 110 keep state group 10
#####
###########################################################################
pass in quick all
pass out quick all

作者: cls 发布时间: 2005-08-08