forum.lissyara.su

Код: Выделить всё

localnet="192.168.2.0/24" 


${fwcmd} add 1040 pass tcp from me 1723 to ${localnet} via em1 # pptp 
${fwcmd} add 1041 pass tcp from ${localnet} to me 1723 via em1 # pptp 
${fwcmd} add 1042 pass gre from ${localnet} to me via em1 # pptp 
${fwcmd} add 1042 pass gre from me to ${localnet} via em1 # pptp 

${fwcmd} add 1045 pass ip from any to any via tun* # all traffic via tun0 
${fwcmd} add 1050 pass ip from me to any out via em0 keep-state # all my traffic to inet 
${fwcmd} nat 1 config if em0 reset same_ports deny_in #nat 

${fwcmd} pipe 3 config bw 1Mbit/s queue 64kbytes mask dst-ip 0xffffffff #unlim1 input 
${fwcmd} pipe 103 config bw 1Mbit/s queue 64kbytes mask src-ip 0xffffffff #unlim1 ouput 

${fwcmd} add 10000 skipto 15000 ip from table\(2\) to any via em0 
${fwcmd} add 14130 nat 1 ip from any to any via em0 
${fwcmd} add 14200 skipto 14500 ip from any to table\(1\) via em0 
${fwcmd} add 14300 deny ip from any to any 

${fwcmd} add 14500 pipe tablearg ip from any to table\(1\) in recv em0 
${fwcmd} add 14600 pass ip from any to any 

${fwcmd} add 15000 pipe tablearg ip from table\(2\) to any out xmit em0 
${fwcmd} add 15100 nat 1 ip from any to any via em0 
${fwcmd} add 15200 allow ip from any to any