|
|||
pf.conf
I have a "problem" with pf firewall and I don't know how to save it...
My system: FreeBSD 7.0, cable Internet, D-Link DI-604 (standalone computer). I run also pf firewall and pfctl -s rules are: No ALTQ support in kernel ALTQ related functions disabled scrub in all fragment reassemble block drop in quick on ! sk0 inet from 192.168.0.0/24 to any block drop in quick inet from 192.168.0.100 to any block drop in log quick on sk0 all label "inblock" pass out on sk0 inet proto tcp all flags S/SA modulate state pass out on sk0 inet proto udp all keep state pass out on sk0 inet proto icmp all icmp-type echoreq code 0 keep state pf.conf: # Macros ext_if="sk0" # Optimization set optimization normal set block-policy drop set loginterface $ext_if set skip on lo0 # NOrmalization scrub in all # Filtering antispoof quick for $ext_if # Closed from outside block in log quick on $ext_if all label "inblock" # Open to out pass out on $ext_if inet proto tcp all flags S/SA modulate state pass out on $ext_if inet proto udp all keep state # ping out pass out on $ext_if inet proto icmp all icmp-type 8 code 0 keep state /var/log/pflog has everytime something like: Date Interface Action Rule Direction Protocol Src. address Src. port Dest. address Dest. port 2008-09-15 19:22:50.503247 sk0 drop 2 in udp 192.168.0.102 138 192.168.0.255 138 2008-09-15 19:22:50.503257 sk0 drop 2 in udp 192.168.0.102 137 192.168.0.255 137 2008-09-15 19:22:51.252843 sk0 drop 2 in udp 192.168.0.102 137 192.168.0.255 137 2008-09-15 19:22:52.2844 sk0 drop 2 in udp 192.168.0.102 137 192.168.0.255 137 2008-09-15 19:24:20.994079 sk0 drop 2 in udp 192.168.0.102 138 192.168.0.255 138 2008-09-15 19:31:07.487049 sk0 drop 2 in udp 192.168.0.102 138 192.168.0.255 138 2008-09-15 19:33:20.124759 sk0 drop 2 in udp 0.0.0.0 68 255.255.255.255 67 2008-09-15 19:33:20.125243 sk0 drop 2 in udp 192.168.0.1 67 255.255.255.255 68 2008-09-15 19:33:20.125638 sk0 drop 2 in udp 0.0.0.0 68 255.255.255.255 67 2008-09-15 19:33:20.126140 sk0 drop 2 in udp 192.168.0.1 67 255.255.255.255 68 2008-09-15 19:33:24.982418 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:33:25.726406 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:33:26.477591 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:33:27.228664 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:33:27.980047 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:33:28.730837 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:33:29.481915 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:33:30.233010 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:33:31.551535 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:33:32.296118 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:33:32.524082 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:33:32.524177 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:33:33.47201 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:33:33.267571 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:33:33.267577 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:33:34.18655 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:33:34.18662 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:33:36.213991 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:33:36.962973 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:33:37.714053 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:33:38.465135 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:33:39.217315 sk0 drop 2 in udp 192.168.0.101 138 192.168.0.255 138 2008-09-15 19:33:39.252561 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:33:39.252566 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:33:39.997453 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:33:39.997460 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:33:40.748539 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:33:40.748546 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:33:54.449456 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:33:55.199743 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:33:55.950922 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:34:39.844677 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:34:40.586470 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:34:41.337554 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:35:42.98290 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:35:42.847972 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:35:43.2136 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:35:43.599052 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:35:43.749225 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:35:44.500413 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:35:49.829380 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:35:50.580947 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:35:51.330445 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:35:56.630255 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 2008-09-15 19:35:57.379338 sk0 drop 2 in udp 192.168.0.101 137 192.168.0.255 137 ..... ..... Thanks in advance. Last edited by lumiwa; 17th September 2008 at 09:11 PM. |
Tags |
pf, pf.conf |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
mk.conf not found | mtm0 | NetBSD Package System (pkgsrc) | 2 | 4th September 2009 04:42 PM |
please check my pf.conf | gosha | OpenBSD Security | 10 | 30th January 2009 12:32 AM |
make.conf | lumiwa | FreeBSD General | 9 | 8th September 2008 12:15 AM |
difference between rc.conf and loader.conf | disappearedng | FreeBSD General | 5 | 3rd September 2008 05:54 AM |