- 论坛徽章:
- 0
|
下面是我的FreeBSD5.0的ipfw.conf文件,用ssh(souceCRT)登陆每次都要用大概3分钟以上才能登陆上去,。。。太慢了。
我用过排除法试验,但是没找出是那条或哪几条规则导致的这个现象,请各位指点。
johnny# less /etc/ipfw.conf
add 00400 divert natd ip from any to any via vr0
add 00001 deny log ip from any to any ipoptions rr
add 00002 deny log ip from any to any ipoptions ts
add 00003 deny log ip from any to any ipoptions ssrr
add 00004 deny log ip from any to any ipoptions lsrr
add 00005 deny tcp from any to any in tcpflags syn,fin
############################ TCP #######################
add 10000 allow tcp from any to me 22 in
add 19997 check-state
add 19998 allow tcp from any to any out keep-state setup
add 19999 allow tcp from any to any out
############################ UDP #######################
add 20001 allow udp from any 53 to me in recv vr0
add 20002 allow udp from any to me 53 in recv vr0
add 29999 allow udp from any to any out
############################ icmp ######################
add 30000 allow icmp from any to any icmptypes 3
add 30001 allow icmp from any to any icmptypes 4
add 30002 allow icmp from any to any icmptypes 8 out
add 30003 allow icmp from any to any icmptypes 0 in
add 30004 allow icmp from any to any icmptypes 11 in
############################ lan #######################
add 40000 allow all from 192.168.0.0/24 to any
add 40001 allow all from any to 192.168.0.0/24 |
|
免费注册
发表于 2004-07-08 15:25
