论坛徽章:: 0

电梯直达

1楼 [收藏(0)] [报告]

发表于 2003-07-27 10:56 |只看该作者 |倒序浏览

我在我的网关主机（FreeBSD4.8）上应用了如下的ipfilter规则
block in quick all with short
block in quick all with ipopts
block in quick all with frag
block in quick all with opt lsrr
block in quick all with opt ssrr

pass in quick on tun0 proto tcp from any to any port = 20 keep state
pass in quick on tun0 proto tcp from any to any port = 21 keep state

pass in quick on tun0 proto tcp from any to any port = 22 keep state

pass in quick on tun0 proto tcp from any to any port = 25 keep state
pass in quick on tun0 proto tcp from any to any port = 110 keep state

pass in quick on tun0 proto tcp from any to any port = 80 keep state

#pass in quick on tun0 proto tcp from any to any port = 3306 keep state

pass in quick on tun0 proto tcp from any to any port = ftp flags S/SA keep state
pass in quick on tun0 proto tcp from any to any port = ftp-data flags S/SA keep state
pass in quick on tun0 proto tcp from any to any port 30000 >;< 50001 flags S/SA keep state

pass out on tun0 proto icmp all keep state
pass out on tun0 proto tcp/udp from any to any keep state

pass in on rl0 all
pass out on rl0 all
pass in on lo0 all
pass out on lo0 all

发现内网的qq主动呼叫外网用户没有问题，但是外网用户不能主动呼叫内网用户
不知道还需要开放哪些端口？

文库|博客

syzlmr

白手起家

论坛徽章:: 0

2楼 [报告]

发表于 2003-07-27 18:35 |只看该作者

ipfilter和QQ的问题

pass in quick on tun0 proto tcp from any to any port = 5190 flags S/SA keep state

实战分享：从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线！ | 新一代分布式关系型数据库RadonDB知多少？

返回列表

Chinaunix › 论坛 › 操作系统 › BSD › ipfilter和QQ的问题

ipfilter和QQ的问题 [复制链接]

ipfilter和QQ的问题