linuxbao3 posted on 2013-06-17 18:48
Reply to 2# anthie
Not necessarily. I don't know whether it is started by the rules, but:
This is an example from the official FreeBSD handbook:
This is in rc.conf:
# IPFW
firewall_enable="YES"
firewall_type="open"
natd_enable="YES"
natd_interface="tun0"
natd_flags="-dynamic -m"
You see, natd only starts if it is enabled.
When ipfw starts, it first runs the script in rc.firewall.
Study that script; it will help a lot.
Checking whether natd is running is simple:
# ps -ax | grep natd
1356 ?? Ss 123:03.99 /sbin/natd -dynamic -m -n tun0
44149 1 RL+ 0:00.00 grep natd
To see which rules are in effect:
# ipfw show
00050 74053193 49453203264 divert 8668 ip4 from any to any via tun0
00100 2676793 575593497 allow ip from any to any via lo0
00200 0 0 deny ip from any to 127.0.0.0/8
00300 0 0 deny ip from 127.0.0.0/8 to any
00400 0 0 deny ip from any to ::1
00500 0 0 deny ip from ::1 to any
00600 7 524 allow ipv6-icmp from :: to ff02::/16
00700 34338 2343432 allow ipv6-icmp from fe80::/10 to fe80::/10
00800 12443 1806076 allow ipv6-icmp from fe80::/10 to ff02::/16
00900 24513 4815569 allow ipv6-icmp from any to any ip6 icmp6types 1
01000 100846 8400616 allow ipv6-icmp from any to any ip6 icmp6types 2,135,136
65000 156540476 118230605336 allow ip from any to any
65535 17 1466 allow ip from any to any
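The two checks in the post above (natd enabled in rc.conf, divert rule present in `ipfw show`) can be combined into one consistency check. This is an added example, not part of the original post; the helper names `rc_value` and `check_natd` are hypothetical, and the sample data is a trimmed copy of the post's output.

```shell
#!/bin/sh
# Constructed sample input, copied from the rc.conf and `ipfw show` text in the post.
RC_CONF_SAMPLE='firewall_enable="YES"
firewall_type="open"
natd_enable="YES"
natd_interface="tun0"
natd_flags="-dynamic -m"'
IPFW_SHOW_SAMPLE='00050 74053193 49453203264 divert 8668 ip4 from any to any via tun0
00100 2676793 575593497 allow ip from any to any via lo0
65000 156540476 118230605336 allow ip from any to any
65535 17 1466 allow ip from any to any'

# rc_value KEY TEXT (hypothetical helper): print the last value assigned to KEY.
rc_value() {
    printf '%s\n' "$2" | awk -F= -v k="$1" '
        $1 == k { v = $2; gsub(/^"|"$/, "", v); found = v }
        END { print found }'
}

# check_natd RC_TEXT IPFW_TEXT (hypothetical helper): print a one-word verdict.
# ipfw show columns: rule number, packet count, byte count, action, ...
check_natd() {
    enable=$(rc_value natd_enable "$1")
    iface=$(rc_value natd_interface "$1")
    case "$enable" in
        [Yy][Ee][Ss]) ;;
        *) echo "natd-disabled"; return 1 ;;
    esac
    printf '%s\n' "$2" | awk -v ifc="$iface" '
        # First divert rule bound to the natd interface.
        $4 == "divert" && $(NF-1) == "via" && $NF == ifc && !drule {
            drule = $1 + 0; pkts = $2 + 0 }
        # First unconditional "allow ip from any to any" (no via clause).
        $4 == "allow" && $5 == "ip" && $NF == "any" && !catchall { catchall = $1 + 0 }
        END {
            if (!drule)                        { print "no-divert-rule";  exit 1 }
            if (catchall && catchall < drule)  { print "divert-shadowed"; exit 1 }
            if (pkts == 0)                     { print "divert-idle";     exit 1 }
            print "ok"
        }'
}

# On a live host, pass "$(cat /etc/rc.conf)" and "$(ipfw show)" instead.
check_natd "$RC_CONF_SAMPLE" "$IPFW_SHOW_SAMPLE"
```

A `divert-shadowed` verdict means an unconditional allow rule is numbered below the divert rule, so packets are accepted before they reach natd.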