- 论坛徽章:
- 0
|
原帖由 colddawn 于 2006-7-3 09:16 发表
ipfw规则贴出来看看,楼上那些人怎么都是iris,sniffer的,这些你能装BSD上?tcpdump不就行了
ipfw的规则
add 00001 deny log ip from any to any ipopt rr
add 00002 deny log ip from any to any ipopt ts
add 00003 deny log ip from any to any ipopt ssrr
add 00004 deny log ip from any to any ipopt lsrr
add 00005 deny tcp from any to any in tcpflags syn,fin
add 10001 allow tcp from any to ×××× 80 in
add 10005 allow tcp from any to ×××× 20 in
add 10002 allow tcp from any to ×××× 21 in
add 10000 allow tcp from any to ×××× 22 in
#add 10004 allow tcp from any to ×××× 23 in
add 10003 allow tcp from any to ×××× 8080 in
add 20001 allow udp from any 53 to ××××
add 29999 allow udp from any to any out
add 30000 allow icmp from any to any icmptypes 3
add 30001 allow icmp from any to any icmptypes 4
add 30002 allow icmp from any to any icmptypes 8 out
add 30003 allow icmp from any to any icmptypes 0 in
add 30004 allow icmp from any to any icmptypes 11 in
add 19997 check-state
add 19998 allow tcp from any to any out keep-state setup
add 19999 allow tcp from any to any out
××××代表我的IP |
|
免费注册
发表于 2006-07-01 00:27
发表于 2006-07-01 22:56
