Thread: Pf problem
#4
24th May 2011
joostvgh
Port Guard
Join Date: Jan 2010
Posts: 38

Yeah, it's not easy to control a 60-person network on a 4 Mbit line though.

Here's the output:

Code:
# pfctl -s rules
pass in quick on lo0 inet from 192.168.2.1 to any flags S/SA keep state
pass in quick on lo0 inet from 127.0.0.1 to any flags S/SA keep state
pass out quick on lo0 inet from 192.168.2.1 to any flags S/SA keep state
pass out quick on lo0 inet from 127.0.0.1 to any flags S/SA keep state
pass out quick on rl0 inet proto tcp from any to 192.168.2.1 flags S/SA keep state
block drop log all
block drop in quick on rl0 inet proto tcp from 192.168.2.0/24 to 195.122.131.0/24
block drop in quick on rl0 inet proto tcp from 192.168.2.0/24 to 62.67.50.0/24
block drop in quick on rl0 inet proto tcp from 192.168.2.0/24 to 212.162.2.0/24
block drop in quick on rl0 inet proto tcp from 192.168.2.0/24 to 62.140.7.0/24
block drop in quick on rl0 inet proto tcp from 192.168.2.0/24 to 130.117.156.250
pass in quick on rl0 inet proto tcp from 192.168.2.0/24 to 192.168.2.1 port = 667 flags S/SA keep state
pass in quick on rl0 inet proto tcp from 192.168.2.0/24 to 127.0.0.1 port = 667 flags S/SA keep state
pass in quick on rl0 inet proto tcp from 192.168.2.0/24 to any port = ssh flags S/SA keep state
pass in quick on rl0 inet proto tcp from 192.168.2.0/24 to any port = www flags S/SA keep state
pass in quick on rl0 inet proto tcp from 192.168.2.0/24 to any port = https flags S/SA keep state
pass in quick on rl0 inet proto tcp from 192.168.2.0/24 to any port = domain flags S/SA keep state
pass in quick on rl0 inet proto tcp from 192.168.2.0/24 to any port = auth flags S/SA keep state
pass in quick on rl0 inet proto tcp from 192.168.2.0/24 to any port = 1863 flags S/SA keep state
pass in quick on rl0 inet proto tcp from 192.168.2.0/24 to any port = ftp flags S/SA keep state
pass in quick on rl0 inet proto tcp from 192.168.2.0/24 to any port = ftp-data flags S/SA keep state
pass in quick on rl0 inet proto tcp from 192.168.2.0/24 to any port = smtp flags S/SA keep state
pass in quick on rl0 inet proto tcp from 192.168.2.0/24 to any port = pop3 flags S/SA keep state
pass in quick on rl0 inet proto tcp from 192.168.2.0/24 to any port = imap flags S/SA keep state
pass in quick on rl0 inet proto tcp from 192.168.2.0/24 to any port = smtps flags S/SA keep state
pass in quick on rl0 inet proto tcp from 192.168.2.0/24 to any port = imaps flags S/SA keep state
pass in quick on rl0 inet proto tcp from 192.168.2.0/24 to any port = pop3s flags S/SA keep state
pass in quick on rl0 inet proto tcp from 192.168.2.0/24 to any port = 3724 flags S/SA keep state
pass in quick on rl0 inet proto tcp from 192.168.2.0/24 to any port = 6112 flags S/SA keep state
pass in quick on rl0 inet proto tcp from 192.168.2.0/24 to any port = 1119 flags S/SA keep state
pass in quick on rl0 inet proto tcp from 192.168.2.0/24 to any port = 1700 flags S/SA keep state
pass in quick on rl0 inet proto tcp from 192.168.2.0/24 to any port = 25565 flags S/SA keep state
pass out quick on dc0 inet proto tcp from 192.168.0.2 to any port = ssh flags S/SA keep state
pass out quick on dc0 inet proto tcp from 192.168.0.2 to any port = www flags S/SA keep state
pass out quick on dc0 inet proto tcp from 192.168.0.2 to any port = https flags S/SA keep state
pass out quick on dc0 inet proto tcp from 192.168.0.2 to any port = domain flags S/SA keep state
pass out quick on dc0 inet proto tcp from 192.168.0.2 to any port = auth flags S/SA keep state
pass out quick on dc0 inet proto tcp from 192.168.0.2 to any port = 1863 flags S/SA keep state
pass out quick on dc0 inet proto tcp from 192.168.0.2 to any port = ftp flags S/SA keep state
pass out quick on dc0 inet proto tcp from 192.168.0.2 to any port = ftp-data flags S/SA keep state
pass out quick on dc0 inet proto tcp from 192.168.0.2 to any port = smtp flags S/SA keep state
pass out quick on dc0 inet proto tcp from 192.168.0.2 to any port = pop3 flags S/SA keep state
pass out quick on dc0 inet proto tcp from 192.168.0.2 to any port = imap flags S/SA keep state
pass out quick on dc0 inet proto tcp from 192.168.0.2 to any port = smtps flags S/SA keep state
pass out quick on dc0 inet proto tcp from 192.168.0.2 to any port = imaps flags S/SA keep state
pass out quick on dc0 inet proto tcp from 192.168.0.2 to any port = pop3s flags S/SA keep state
pass out quick on dc0 inet proto tcp from 192.168.0.2 to any port = 3724 flags S/SA keep state
pass out quick on dc0 inet proto tcp from 192.168.0.2 to any port = 6112 flags S/SA keep state
pass out quick on dc0 inet proto tcp from 192.168.0.2 to any port = 1119 flags S/SA keep state
pass out quick on dc0 inet proto tcp from 192.168.0.2 to any port = 1700 flags S/SA keep state
pass out quick on dc0 inet proto tcp from 192.168.0.2 to any port = 25565 flags S/SA keep state
pass in quick on rl0 inet proto udp from 192.168.2.0/24 to DNSIP port = domain keep state
pass in quick on rl0 inet proto udp from 192.168.2.0/24 to DNSIP2 port = domain keep state
pass in quick on rl0 inet proto udp from 192.168.2.0/24 to any port 27000:27015 keep state
pass in quick on rl0 inet proto udp from 192.168.2.0/24 to any port = 4380 keep state
pass in quick on rl0 inet proto udp from 192.168.2.0/24 to any port = 1500 keep state
pass in quick on rl0 inet proto udp from 192.168.2.0/24 to any port = 3005 keep state
pass in quick on rl0 inet proto udp from 192.168.2.0/24 to any port = 3101 keep state
pass in quick on rl0 inet proto udp from 192.168.2.0/24 to any port = 28960 keep state
pass out quick on dc0 inet proto udp from 192.168.0.2 to 195.238.2.21 port = domain keep state
pass out quick on dc0 inet proto udp from 192.168.0.2 to 195.238.2.22 port = domain keep state
pass in quick on rl0 inet proto icmp from 192.168.2.0/24 to any icmp-type echoreq keep state
pass out quick on rl0 inet proto icmp from 192.168.2.0/24 to any icmp-type echoreq keep state