00050 0 0 check-state
00150 0 0 deny ip from any to any frag
00160 0 0 deny ip from any to 127.0.0.0/8
00170 0 0 deny ip from 127.0.0.0/8 to any
00180 0 0 allow ip from any to any via lo0
00190 0 0 allow ip from any to any via ng0
00200 0 0 allow ip from any to any via ng1
00210 0 0 allow ip from any to any via ng2
00220 0 0 deny ip from 10.0.0.0/24 to any in via xl0
00230 0 0 deny ip from 10.0.1.0/24 to any in via rl0
00240 0 0 deny ip from any to 192.168.0.0/16 in via xl0
00250 0 0 deny ip from any to 172.16.0.0/12 in via xl0
00260 0 0 deny ip from any to 0.0.0.0/8 in via xl0
00270 0 0 deny ip from any to 169.254.0.0/16 in via xl0
00280 0 0 deny ip from any to 224.0.0.0/4 in via xl0
00290 0 0 deny ip from any to 240.0.0.0/4 in via xl0
00300 0 0 deny icmp from any to any frag
00310 0 0 deny icmp from any to any in icmptypes 5,9,13,14,15,16,17
00320 0 0 reject tcp from any to any tcpflags syn,fin,ack,psh,rst,urg
00330 0 0 reject tcp from any to any tcpflags !syn,!fin,!ack,!psh,!rst,!urg
00340 0 0 reject tcp from any to any not established tcpflags fin
00350 0 0 reject log logamount 100 ip from any to any not verrevpath in
00360 0 0 deny tcp from any to any dst-port 113 in via xl0
00370 0 0 deny tcp from any to any dst-port 135,136,137,138,139 in via xl0
00380 0 0 deny log logamount 100 icmp from any to 255.255.255.255 in via xl0
00390 0 0 deny log logamount 100 icmp from any to 255.255.255.255 out via xl0
00450 0 0 fwd 127.0.0.1,3128 tcp from 10.0.0.0/24 to any dst-port 80 via xl0
00500 3513 396339 divert 8668 ip from 10.0.0.0/24 to any out via xl0
00510 6122 4604083 divert 8668 ip from any to 10.0.1.2 in via xl0
00511 1234 1527929 pipe 1 ip from any to 10.0.0.11
00600 0 0 deny ip from 192.168.0.0/16 to any out via xl0
00610 0 0 deny ip from 172.16.0.0/12 to any out via xl0
00620 0 0 deny ip from 0.0.0.0/8 to any out via xl0
00630 0 0 deny ip from 169.254.0.0/16 to any out via xl0
00640 0 0 deny ip from 224.0.0.0/4 to any out via xl0
00650 0 0 deny ip from 240.0.0.0/4 to any out via xl0
00660 24733 11029201 allow tcp from any to any established
00665 0 0 allow icmp from any to any icmptypes 0,8,11
00670 139 10744 allow ip from any to 10.0.0.0/24 in via rl0
00675 10 1379 allow ip from 10.0.0.0/24 to any out via rl0
00700 0 0 allow udp from any to 10.0.1.2 dst-port 53 in via xl0
00710 0 0 allow udp from 10.0.1.2 53 to any out via xl0
00720 19 4261 allow udp from any 53 to 10.0.1.2 in via xl0
00730 25 1693 allow udp from 10.0.1.2 to any dst-port 53 out via xl0
00740 0 0 allow tcp from any to 10.0.1.2 dst-port 53 in via xl0
00750 0 0 allow tcp from any to 10.0.1.2 dst-port 35665 in via xl0 setup
00800 0 0 allow tcp from any to 10.0.0.226 dst-port 25 via xl0 setup
00810 0 0 allow tcp from any to 10.0.0.226 dst-port 25 via rl0 setup
00820 0 0 allow tcp from any to 10.0.0.226 dst-port 110 via xl0 setup
00830 0 0 allow tcp from any to 10.0.0.226 dst-port 110 via rl0 setup
00840 0 0 allow tcp from any to 10.0.0.226 dst-port 143 via xl0 setup
00850 0 0 allow tcp from any to 10.0.0.226 dst-port 143 via rl0 setup
00860 0 0 allow tcp from any to 10.0.0.226 dst-port 587 via xl0 setup
00870 0 0 allow tcp from any to 10.0.0.226 dst-port 587 via rl0 setup
00880 0 0 allow tcp from any to 10.0.0.226 dst-port 366 via xl0 setup
00890 0 0 allow tcp from any to 10.0.0.226 dst-port 366 via rl0 setup
01000 0 0 allow tcp from any to 10.0.1.2 dst-port 1723 in via xl0 setup
01010 0 0 allow gre from any to any
01500 6 1340 allow udp from any 53 to 10.0.0.0/24 in via xl0
01600 6 1340 allow udp from any 53 to 10.0.0.0/24 out via rl0
01700 6 361 allow udp from 10.0.0.0/24 to any dst-port 53 in via rl0
01900 0 0 deny tcp from any to 10.0.1.2 in via xl0 setup
02000 106 6316 allow tcp from 10.0.1.2 to any out via xl0 setup
02100 0 0 allow tcp from any to 10.0.1.2 in via rl0 setup
02300 1 48 allow tcp from table(1) to not 10.0.0.0/24 in via rl0 setup
02400 0 0 allow tcp from table(2) to not 10.0.0.0/24 in via rl0 setup
02410 3 148 allow tcp from table(3) to not 10.0.0.0/24 dst-port 5432 in via rl0 setup
65535 10081 585267 deny ip from any to any