Код: Выделить всё
00050 99127 5296762 count ip from me to any via ng0
00051 599560 801480963 count ip from any to me via ng0
00060 3 168 deny icmp from any to any in icmptypes 5,9,13,14,15,16,17
00061 1266 116770 reject ip from 192.168.0.0/16 to any via em0
00070 0 0 allow ip from any to any via lo
00080 1728 107442 allow icmp from any to any
00083 5307 388071 allow udp from me to any dst-port 53
00084 5171 1466658 allow udp from any 53 to me
00099 982448 836689643 divert 8668 ip from any to any via ng0
00100 0 0 allow ip from me to 91.200.40.253,91.200.40.41 dst-port 110
00100 0 0 allow ip from 91.200.40.253,91.200.40.41 110 to me
00101 0 0 allow ip from me to 62.149.15.66 dst-port 110
00101 0 0 allow ip from 62.149.15.66 110 to me
00102 0 0 allow ip from me to 82.207.74.144 dst-port 110
00102 0 0 allow ip from 82.207.74.144 110 to me
00103 449218 940928858 allow ip from any to any via lo0
00185 138850 199921609 allow ip from any 8000-8005 to me
00185 93191 4860156 allow ip from me to any dst-port 8000-8005
00186 185520 230951825 allow ip from me 8000 to 192.168.0.0/16 via em1
00186 104366 4179949 allow ip from 192.168.0.0/16 to me dst-port 8000 via em1
00190 0 0 allow ip from 192.168.1.16 to any via ng0
00191 107099 118020567 allow ip from any to 192.168.1.16 via ng0
00191 0 0 divert 8668 ip from 192.168.1.16 to not me via ng0
00198 63651 4658596 allow ip from me to any via ng0
00199 439 35094 allow ip from any to me via ng0
00200 75 56050 allow ip from not 192.168.1.0/24 80,443,5190 to me via ng0
00200 226728 26811333 allow ip from me to not 192.168.1.0/24 dst-port 80,443,5190 via ng0
00210 0 0 allow ip from not 192.168.2.0/24 80,443,5190 to me via ng0
00210 0 0 allow ip from me to not 192.168.2.0/24 dst-port 80,443,5190 via ng0
00211 0 0 allow ip from not 192.168.4.0/24 80,443,5190 to me via ng0
00212 0 0 allow ip from me to not 192.168.4.0/24 dst-port 80,443,5190 via ng0
00300 12 576 allow ip from me to not 192.168.0.0/16 dst-port 25 via ng0
00300 0 0 allow ip from not 192.168.0.0/16 25 to me via ng0
00320 0 0 allow ip from any 3389 to 192.168.1.16,192.168.1.37,192.168.1.24,192.168.1.91
00320 0 0 allow ip from 192.168.1.16,192.168.1.37,192.168.1.24,192.168.1.91 to any dst-port 3389
00330 1 40 allow ip from any to me dst-port 3389
00330 0 0 allow ip from me 3389 to any
00340 0 0 allow ip from any to 192.168.1.37 dst-port 3389
00340 0 0 allow ip from 192.168.1.37 3389 to any
00350 0 0 allow ip from any to me dst-port 1723
00350 0 0 allow ip from me 1723 to any
00351 0 0 allow gre from any to any via ng0
00470 451 34276 allow udp from any 123 to me
00470 449 34124 allow udp from me to any dst-port 123
00479 0 0 allow udp from me 123 to 192.168.1.0/24
00479 0 0 allow udp from 192.168.1.0/24 to me dst-port 123
00480 310886 32917653 allow ip from 192.168.1.16 to any
00481 817307 1086348313 allow ip from any to 192.168.1.16
00489 0 0 deny ip from 58.65.234.17,69.50.160.212 to any
10010 0 0 allow ip from 192.168.1.1 to me dst-port 53
10010 0 0 allow ip from me 53 to 192.168.1.1
10013 85 11005 count ip from 192.168.1.1 to not me
10014 0 0 pipe 1 ip from not me to 192.168.1.1
10015 85 11005 divert 8668 ip from 192.168.1.1 to any via em1
10016 0 0 fwd 127.0.0.1,3128 tcp from 192.168.1.1 to not me dst-port 80
10016 0 0 allow ip from 192.168.1.1 to any dst-port 5999
10017 0 0 allow ip from 192.168.1.1 to 81.177.17.54
10020 0 0 allow ip from 192.168.1.2 to me dst-port 53
10020 0 0 allow ip from me 53 to 192.168.1.2
10021 0 0 allow ip from 192.168.1.2 to me dst-port 25,110,113
10021 0 0 allow ip from me 25,110,113 to 192.168.1.2
10021 0 0 allow ip from 192.168.1.2 113 to me
10021 0 0 allow ip from me to 192.168.1.2 dst-port 113
10030 0 0 allow ip from 192.168.1.3 to me dst-port 53
10030 0 0 allow ip from me 53 to 192.168.1.3
10031 0 0 allow ip from 192.168.1.3 to me dst-port 25,110,113
10031 0 0 allow ip from me 25,110,113 to 192.168.1.3
10031 0 0 allow ip from 192.168.1.3 113 to me
10031 0 0 allow ip from me to 192.168.1.3 dst-port 113
10033 171 24589 count ip from 192.168.1.3 to not me
10034 0 0 pipe 1 ip from not me to 192.168.1.3
10037 0 0 allow ip from 192.168.1.3 to 89.202.149.0/24
10037 0 0 allow ip from 89.202.149.0/24 to 192.168.1.3
10038 0 0 allow ip from 192.168.1.3 to 80.91.178.58,80.91.175.189,80.91.175.181 dst-port 80,443,21,9091
10038 0 0 allow ip from 80.91.178.58,80.91.175.189,80.91.175.181 80,443,21,9091 to 192.168.1.3
10038 0 0 allow ip from 192.168.1.3 to 193.178.144.227,91.196.92.6,81.25.224.155 dst-port 80,443,21,9091
10038 0 0 allow ip from 193.178.144.227,91.196.92.6,81.25.224.155 80,443,21,9091 to 192.168.1.3
10038 0 0 allow ip from 192.168.1.3 to 195.62.14.70 dst-port 10000
10038 0 0 allow ip from 195.62.14.70 10000 to 192.168.1.3
10039 0 0 allow ip from 192.168.1.3 to 80.91.162.98 dst-port 7002
10039 0 0 allow ip from 80.91.162.98 7002 to 192.168.1.3
10039 0 0 allow ip from 192.168.1.3 to not me dst-port 1352
10039 0 0 allow ip from not me 1352 to 192.168.1.3
10050 0 0 allow ip from 192.168.1.5 to me dst-port 53
10050 0 0 allow ip from me 53 to 192.168.1.5
10051 0 0 allow ip from 192.168.1.5 to me dst-port 25,110,113
10051 0 0 allow ip from me 25,110,113 to 192.168.1.5
10051 0 0 allow ip from 192.168.1.5 113 to me
10053 97 11943 count ip from 192.168.1.5 to not me
10054 0 0 pipe 1 ip from not me to 192.168.1.5
10055 97 11943 divert 8668 ip from 192.168.1.5 to any via em1
10056 0 0 fwd 127.0.0.1,3128 tcp from 192.168.1.5 to not me dst-port 80
10160 0 0 allow ip from 192.168.1.16 to me dst-port 53
10160 0 0 allow ip from me 53 to 192.168.1.16
10161 0 0 allow ip from 192.168.1.16 to me dst-port 25,110,113
10161 0 0 allow ip from me 25,110,113 to 192.168.1.16
10161 0 0 allow ip from 192.168.1.16 113 to me
10161 0 0 allow ip from me to 192.168.1.16 dst-port 113
10162 0 0 allow ip from 192.168.1.16 to me dst-port 80,8080,21,20,3306
10162 0 0 allow ip from me 80,8080,21,20,3306 to 192.168.1.16
10162 0 0 allow ip from 192.168.1.16 139 to me
10162 0 0 allow ip from me to 192.168.1.16 dst-port 139
10162 0 0 allow ip from 192.168.1.16 to me dst-port 22
10162 0 0 allow ip from me 22 to 192.168.1.16
10163 0 0 count ip from 192.168.1.16 to not me
10164 0 0 pipe 3 ip from not me to 192.168.1.16
10165 0 0 divert 8668 ip from 192.168.1.16 to any via em1
10166 0 0 allow ip from 192.168.1.16 to me dst-port 3128
10166 0 0 allow ip from me 3128 to 192.168.1.16
10167 0 0 allow ip from 192.168.1.16 to not me dst-port 25,110,113
10167 0 0 allow ip from not me 25,110,113 to 192.168.1.16
10167 0 0 allow ip from 192.168.1.16 113 to not me
10167 0 0 allow ip from not me to 192.168.1.16 dst-port 113
10168 0 0 allow ip from 192.168.1.16 to not me dst-port 5190
10168 0 0 allow ip from not me 5190 to 192.168.1.16
10168 0 0 allow ip from 192.168.1.16 to not me dst-port 439,411,443,8080,5222,5223
10168 0 0 allow ip from not me 439,411,433,8080,5222,5223 to 192.168.1.16
10168 0 0 allow ip from 192.168.1.16 to not me dst-port 7000-8010
10168 0 0 allow ip from not me 7000-8010 to 192.168.1.16
10168 0 0 allow ip from 192.168.1.16 to not me dst-port 22,1022,20,21,33000-60000,2350,3450
10168 0 0 allow ip from not me 22,1022,20,21,33000-60000,2350,3450 to 192.168.1.16
10180 0 0 allow ip from 192.168.1.18 to me dst-port 53
10180 0 0 allow ip from me 53 to 192.168.1.18
10181 0 0 allow ip from 192.168.1.18 to me dst-port 25,110,113
10181 0 0 allow ip from me 25,110,113 to 192.168.1.18
10181 0 0 allow ip from 192.168.1.18 113 to me
10181 0 0 allow ip from me to 192.168.1.18 dst-port 113
10182 0 0 allow ip from 192.168.1.18 to me dst-port 22
10182 0 0 allow ip from me 22 to 192.168.1.18
10182 0 0 allow ip from 192.168.1.18 to 81.30.164.218
10182 0 0 allow ip from 81.30.164.218 to 192.168.1.18
10183 206 21479 count ip from 192.168.1.18 to not me
10184 0 0 pipe 4 ip from not me to 192.168.1.18
10185 206 21479 divert 8668 ip from 192.168.1.18 to any via em1
10186 0 0 fwd 127.0.0.1,3128 tcp from 192.168.1.18 to not me dst-port 80,8080
10187 0 0 allow ip from 192.168.1.18 to not me dst-port 25,110,113
10187 0 0 allow ip from not me 25,110,113 to 192.168.1.18
10187 0 0 allow ip from 192.168.1.18 113 to not me
10187 0 0 allow ip from not me to 192.168.1.18 dst-port 113
10188 0 0 allow ip from 192.168.1.18 to not me dst-port 5190
10188 0 0 allow ip from not me 5190 to 192.168.1.18
10188 0 0 allow ip from 192.168.1.18 to not me dst-port 20,21,443,439,411,29000
10188 0 0 allow ip from not me 20,21,443,439,411,29000 to 192.168.1.18
10188 0 0 allow ip from 192.168.1.18 to 88.212.222.0/24,95.131.26.70,94.100.185.21
10188 0 0 allow ip from 88.212.222.0/24,95.131.26.70,94.100.185.21 to 192.168.1.18
10220 0 0 allow ip from 192.168.1.22 to me dst-port 53
10220 0 0 allow ip from me 53 to 192.168.1.22
10221 0 0 allow ip from 192.168.1.22 to me dst-port 25,110,113
10221 0 0 allow ip from me 25,110,113 to 192.168.1.22
10221 0 0 allow ip from 192.168.1.22 113 to me
10221 0 0 allow ip from me to 192.168.1.22 dst-port 113
10223 748 58583 count ip from 192.168.1.22 to not me
10224 0 0 pipe 4 ip from not me to 192.168.1.22
10225 748 58583 divert 8668 ip from 192.168.1.22 to any via em1
10226 0 0 fwd 127.0.0.1,3128 tcp from 192.168.1.22 to not me dst-port 80
10227 0 0 allow ip from 192.168.1.22 to not me dst-port 25,110,113
10227 0 0 allow ip from not me 25,110,113 to 192.168.1.22
10227 0 0 allow ip from 192.168.1.22 113 to not me
10227 0 0 allow ip from not me to 192.168.1.22 dst-port 113
10228 0 0 allow ip from 192.168.1.22 to not me dst-port 5190
10228 0 0 allow ip from not me 5190 to 192.168.1.22
10228 0 0 allow ip from 192.168.1.22 to not me dst-port 20,21,123
10228 0 0 allow ip from not me 20,21,123 to 192.168.1.22
10228 0 0 allow ip from 192.168.1.22 to not me dst-port 439,443
10228 0 0 allow ip from not me 439,443 to 192.168.1.22
10228 0 0 allow ip from 192.168.1.22 to 81.30.164.218
10228 0 0 allow ip from 81.30.164.218 to 192.168.1.22
10230 0 0 allow ip from 192.168.1.23 to me dst-port 53
10230 0 0 allow ip from me 53 to 192.168.1.23
10233 0 0 count ip from 192.168.1.23 to not me
10234 0 0 pipe 4 ip from not me to 192.168.1.23
10235 0 0 divert 8668 ip from 192.168.1.23 to any via em1
10236 0 0 fwd 127.0.0.1,3128 tcp from 192.168.1.23 to not me dst-port 80
10238 0 0 allow ip from 192.168.1.23 to not me dst-port 5190
10238 0 0 allow ip from not me 5190 to 192.168.1.23
10238 0 0 allow ip from 192.168.1.23 to not me dst-port 20,21,123
10238 0 0 allow ip from not me 20,21,123 to 192.168.1.23
10240 0 0 allow ip from 192.168.1.24 to me dst-port 53
10240 0 0 allow ip from me 53 to 192.168.1.24
10241 0 0 allow ip from 192.168.1.24 to me dst-port 25,110,113
10241 0 0 allow ip from me 25,110,113 to 192.168.1.24
10241 0 0 allow ip from 192.168.1.24 113 to me
10241 0 0 allow ip from me to 192.168.1.24 dst-port 113
10242 0 0 allow ip from 192.168.1.24 to 81.30.164.218
10242 0 0 allow ip from 81.30.164.218 to 192.168.1.24
10243 0 0 count ip from 192.168.1.24 to not me
10244 0 0 pipe 4 ip from not me to 192.168.1.24
10245 0 0 divert 8668 ip from 192.168.1.24 to any via em1
10246 0 0 fwd 127.0.0.1,3128 tcp from 192.168.1.24 to not me dst-port 80
10248 0 0 allow ip from 192.168.1.24 to not me dst-port 5190
10248 0 0 allow ip from not me 5190 to 192.168.1.24
10250 0 0 allow ip from 192.168.1.25 to me dst-port 53
10250 0 0 allow ip from me 53 to 192.168.1.25
10253 0 0 count ip from 192.168.1.25 to not me
10254 0 0 pipe 4 ip from not me to 192.168.1.25
10255 0 0 divert 8668 ip from 192.168.1.25 to any via em1
10256 0 0 fwd 127.0.0.1,3128 tcp from 192.168.1.25 to not me dst-port 80
10258 0 0 allow ip from 192.168.1.25 to not me dst-port 5190
10258 0 0 allow ip from not me 5190 to 192.168.1.25
10258 0 0 allow ip from 192.168.1.25 to not me dst-port 20,21,123
10258 0 0 allow ip from not me 20,21,123 to 192.168.1.25
10260 0 0 allow ip from 192.168.1.26 to me dst-port 53
10260 0 0 allow ip from me 53 to 192.168.1.26
10261 0 0 allow ip from 192.168.1.26 to me dst-port 25,110,113
10261 0 0 allow ip from me 25,110,113 to 192.168.1.26
10261 0 0 allow ip from 192.168.1.26 113 to me
10261 0 0 allow ip from me to 192.168.1.26 dst-port 113
10263 360 31145 count ip from 192.168.1.26 to not me
10264 0 0 pipe 4 ip from not me to 192.168.1.26
10265 360 31145 divert 8668 ip from 192.168.1.26 to any via em1
10266 0 0 fwd 127.0.0.1,3128 tcp from 192.168.1.26 to not me dst-port 80
10268 0 0 allow ip from 192.168.1.26 to not me dst-port 5190
10268 0 0 allow ip from not me 5190 to 192.168.1.26
10268 0 0 allow ip from 192.168.1.26 to not me dst-port 20,21
10268 0 0 allow ip from not me 20,21 to 192.168.1.26
10270 0 0 allow ip from 192.168.1.27 to me dst-port 53
10270 0 0 allow ip from me 53 to 192.168.1.27
10271 0 0 allow ip from 192.168.1.27 to me dst-port 25,110,113
10271 0 0 allow ip from me 25,110,113 to 192.168.1.27
10271 0 0 allow ip from 192.168.1.27 113 to me
10271 0 0 allow ip from me to 192.168.1.27 dst-port 113
10273 99 12334 count ip from 192.168.1.27 to not me
10274 0 0 pipe 4 ip from not me to 192.168.1.27
10275 99 12334 divert 8668 ip from 192.168.1.27 to any via em1
10276 0 0 fwd 127.0.0.1,3128 tcp from 192.168.1.27 to not me dst-port 80
10278 0 0 allow ip from 192.168.1.27 to not me dst-port 5190
10278 0 0 allow ip from not me 5190 to 192.168.1.27
10278 0 0 allow ip from 192.168.1.27 to 192.168.2.1 dst-port 3389
10278 0 0 allow ip from 192.168.2.1 3389 to 192.168.1.27
10278 0 0 allow ip from 192.168.1.27 to 192.168.10.1 dst-port 3389
10278 0 0 allow ip from 192.168.10.1 3389 to 192.168.1.27
10278 0 0 allow ip from 192.168.1.27 to not me dst-port 443,443
10278 0 0 allow ip from not me 443,443 to 192.168.1.27
10278 0 0 allow ip from 192.168.1.27 to 82.207.94.108 dst-port 4090
10278 0 0 allow ip from 82.207.94.108 4090 to 192.168.1.27
10320 0 0 allow ip from 192.168.1.32 to me dst-port 53
10320 0 0 allow ip from me 53 to 192.168.1.32
10321 0 0 allow ip from 192.168.1.32 to me dst-port 25,110,113
10321 0 0 allow ip from me 25,110,113 to 192.168.1.32
10321 0 0 allow ip from 192.168.1.32 113 to me
10321 0 0 allow ip from me to 192.168.1.32 dst-port 113
10323 0 0 count ip from 192.168.1.32 to not me
10324 0 0 pipe 4 ip from not me to 192.168.1.32
10325 0 0 divert 8668 ip from 192.168.1.32 to any via em1
10326 0 0 fwd 127.0.0.1,3128 tcp from 192.168.1.32 to not me dst-port 80
10327 0 0 allow ip from 192.168.1.32 to not me dst-port 25,110,113
10327 0 0 allow ip from not me 25,110,113 to 192.168.1.32
10327 0 0 allow ip from 192.168.1.32 113 to not me
10327 0 0 allow ip from not me to 192.168.1.32 dst-port 113
10328 0 0 allow ip from 192.168.1.32 to not me dst-port 5190
10328 0 0 allow ip from not me 5190 to 192.168.1.32
10328 0 0 allow ip from 192.168.1.32 to not me dst-port 20,21,443,7002
10328 0 0 allow ip from not me 20,21,443,7002 to 192.168.1.32
10328 0 0 allow ip from 192.168.1.32 to 80.91.178.58,80.91.175.189 dst-port 80,443,21,9091
10328 0 0 allow ip from 80.91.178.58,80.91.175.189 80,443,21,9091 to 192.168.1.32
10328 0 0 allow ip from 192.168.1.32 to 193.178.144.227,91.196.92.6,81.25.224.155 dst-port 80,443,21,9091
10328 0 0 allow ip from 193.178.144.227,91.196.92.6,81.25.224.155 80,443,21,9091 to 192.168.1.32
10328 0 0 allow ip from 192.168.1.32 to 195.62.14.70 dst-port 10000
10328 0 0 allow ip from 195.62.14.70 10000 to 192.168.1.32
10328 0 0 allow ip from 192.168.1.32 to 212.42.64.9
10328 0 0 allow ip from 212.42.64.9 to 192.168.1.32
10370 0 0 allow ip from 192.168.1.37 to me dst-port 53
10370 0 0 allow ip from me 53 to 192.168.1.37
10371 0 0 allow ip from 192.168.1.37 to me dst-port 25,110,113
10371 0 0 allow ip from me 25,110,113 to 192.168.1.37
10371 0 0 allow ip from 192.168.1.37 113 to me
10371 0 0 allow ip from me to 192.168.1.37 dst-port 113
10372 0 0 allow ip from 192.168.1.37 to me dst-port 80,8080
10372 0 0 allow ip from me 80,8080 to 192.168.1.37
10372 0 0 allow ip from 192.168.1.37 to me dst-port 3306
10372 0 0 allow ip from me 3306 to 192.168.1.37
10372 0 0 allow ip from 192.168.1.37 to me dst-port 22
10372 0 0 allow ip from me 22 to 192.168.1.37
10372 0 0 allow ip from 192.168.1.37 to me dst-port 20,21
10372 0 0 allow ip from me 20,21 to 192.168.1.37
10372 0 0 allow ip from 192.168.1.37 to me dst-port 8000-8023
10372 0 0 allow ip from me 8000-8023 to 192.168.1.37
10373 391 34769 count ip from 192.168.1.37 to not me
10374 0 0 pipe 3 ip from not me to 192.168.1.37
10375 3720 194561 divert 8668 ip from 192.168.1.37 to any via em1
10376 0 0 fwd 127.0.0.1,3128 tcp from 192.168.1.37 to not me dst-port 80
10377 0 0 allow ip from 192.168.1.37 to not me dst-port 25,110,113
10377 0 0 allow ip from not me 25,110,113 to 192.168.1.37
10377 0 0 allow ip from 192.168.1.37 113 to not me
10378 0 0 allow ip from 192.168.1.37 to not me dst-port 5190
10378 0 0 allow ip from not me 5190 to 192.168.1.37
10378 0 0 allow ip from 192.168.1.37 to not me dst-port 20,21,123
10378 0 0 allow ip from not me 20,21,123 to 192.168.1.37
10378 0 0 allow ip from 192.168.1.37 to not me dst-port 1000,1999,2020,3020
10378 0 0 allow ip from not me 1000,1999,2020,3020 to 192.168.1.37
10420 0 0 allow ip from 192.168.1.42 to me dst-port 53
10420 0 0 allow ip from me 53 to 192.168.1.42
10421 0 0 allow ip from 192.168.1.42 to me dst-port 25,110,113
10421 0 0 allow ip from me 25,110,113 to 192.168.1.42
10421 0 0 allow ip from 192.168.1.42 113 to me
10421 0 0 allow ip from me to 192.168.1.42 dst-port 113
10423 0 0 count ip from 192.168.1.42 to not me
10424 0 0 pipe 5 ip from not me to 192.168.1.42
10425 0 0 divert 8668 ip from 192.168.1.42 to any via em1
10426 0 0 allow ip from 192.168.1.42 to me dst-port 3128
10426 0 0 allow ip from me 3128 to 192.168.1.42
10428 0 0 allow ip from 192.168.1.42 to not me dst-port 5190,439,411,443
10428 0 0 allow ip from not me 5190,439,411,443 to 192.168.1.42
13000 0 0 allow ip from 192.168.2.254 to me dst-port 53
13000 0 0 allow ip from me 53 to 192.168.2.254
13005 0 0 divert 8668 ip from 192.168.2.254 to any via em1
14000 0 0 allow ip from 192.168.4.254 to me dst-port 53
14000 0 0 allow ip from me 53 to 192.168.4.254
14005 0 0 divert 8668 ip from 192.168.4.254 to any via em1
65000 6288 1563077 count log logamount 100 ip from any to me
65010 3017 211849 count log logamount 100 ip from me to any
65020 136844 12411113 count log logamount 100 ip from any to any
65102 0 0 deny ip from 192.168.2.0/24 to me
65103 0 0 deny ip from 192.168.2.0/24 to any
65104 0 0 deny ip from 192.168.4.0/24 to me
65105 0 0 deny ip from 192.168.4.0/24 to any
65106 0 0 deny ip from 192.168.5.0/24 to me
65107 0 0 deny ip from 192.168.5.0/24 to any
65112 0 0 deny ip from 193.254.219.108/30 to any
65112 0 0 deny ip from 192.168.2.0/24 to any
65113 0 0 deny ip from any to 89.108.83.0/24
65113 0 0 deny ip from any to 192.168.2.0/24
65213 0 0 divert 8668 ip from 192.168.1.16 to not me via ng0
65535 94344 8601293 deny ip from any to any