Код: Выделить всё
[root@freegtw /]# cat /etc/ipfw.conf
OutIf=vlan10
ipfw -q flush
ipfw add pass all from any to any via lo0
ipfw add deny all from any to 127.0.0.0/8
ipfw add deny ip from 127.0.0.0/8 to any
ipfw add deny ip from any to 0.0.0.0/8 in via ${OutIf}
ipfw add deny all from any to 10.0.0.0/8 in via ${OutIf}
ipfw add deny all from any to 172.16.0.0/12 in via ${OutIf}
ipfw add deny all from any to 192.168.0.0/16 in via ${OutIf}
ipfw add deny all from any to 169.254.0.0/16 in via ${OutIf}
ipfw add deny all from any to 224.0.0.0/4 in via ${OutIf}
ipfw add deny all from any to 240.0.0.0/4 in via ${OutIf}
ipfw nat 100 config if ${OutIf} log reset redirect_port tcp 192.168.1.223:23456 222
ipfw add nat 100 ip from 192.168.1.0/24 to any via ${OutIf}
ipfw add nat 100 ip from any to me via ${OutIf}
ifconfig
Код: Выделить всё
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=4219b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MAGIC,VLAN_HWTSO>
ether 00:1b:21:c1:e2:8d
inet 192.168.1.100 netmask 0xffffff00 broadcast 192.168.1.255
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
age0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=c319b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MCAST,WOL_MAGIC,VLAN_HWTSO,LINKSTATE>
ether 00:1f:c6:a3:35:f4
media: Ethernet autoselect (none)
status: no carrier
ipfw0: flags=8801<UP,SIMPLEX,MULTICAST> metric 0 mtu 65536
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
inet 127.0.0.1 netmask 0xff000000
vlan10: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=103<RXCSUM,TXCSUM,TSO4>
ether 00:1b:21:c1:e2:8d
inet 95.67.xx.xx netmask 0xfffffffc broadcast 95.67.118.123
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
vlan: 10 parent interface: em0
