forum.lissyara.su

Код: Выделить всё

/home/nrv/>>ipfw show
00100   900   89064 allow ip from any to any via lo0
00200     0       0 deny ip from any to 127.0.0.0/8
00300     0       0 deny ip from 127.0.0.0/8 to any
00400     0       0 deny ip from 192.168.0.0/24 to any in via tun0
00500     0       0 deny ip from 10.x.x.x to any in via sk0
00600     0       0 deny ip from any to 172.16.0.0/12 in via tun0
00700     0       0 deny ip from any to 192.168.0.0/16 in via tun0
00800     0       0 deny ip from any to 0.0.0.0/8 in via tun0
00900     0       0 deny ip from any to 169.254.0.0/16 in via tun0
01000     0       0 deny ip from any to 224.0.0.0/4 in via tun0
01100     0       0 deny ip from any to 240.0.0.0/4 in via tun0
01200     0       0 deny icmp from any to any frag
01300     0       0 deny log logamount 100 icmp from any to 255.255.255.255 in via tun0
01400     0       0 deny log logamount 100 icmp from any to 255.255.255.255 out via tun0
01500  3146  495799 divert 8668 ip from 192.168.0.0/24 to any out via tun0
01600  3785 3454599 divert 8668 ip from any to 10.x.x.x in via tun0
01700     0       0 deny ip from 172.16.0.0/12 to any out via tun0
01800     0       0 deny ip from 192.168.0.0/16 to any out via tun0
01900     0       0 deny ip from 0.0.0.0/8 to any out via tun0
02000     0       0 deny ip from 169.254.0.0/16 to any out via tun0
02100     0       0 deny ip from 224.0.0.0/4 to any out via tun0
02200     0       0 deny ip from 240.0.0.0/4 to any out via tun0
02300    62    3720 allow icmp from any to any icmptypes 0,8,11
02400  2952  247842 allow ip from any to 192.168.0.0/24 in via sk0
02500  1972  594860 allow ip from 192.168.0.0/24 to any out via sk0
02600 12634 7783738 allow tcp from any to any established
02700     0       0 allow tcp from any to any dst-port 53
02800     0       0 allow tcp from any 53 to any
02900   336   21150 allow udp from any to any dst-port 53
03000   317   62051 allow udp from any 53 to any
03100     0       0 allow udp from any to any dst-port 123 via tun0
03200     0       0 allow tcp from any to 10.x.x.x dst-port 53 in via tun0 setup
03300     0       0 allow tcp from any to 10.x.x.x dst-port 80 in via tun0 setup
03400     0       0 allow tcp from any to 10.x.x.x dst-port 20,21 in via tun0 setup
03500     0       0 allow tcp from any to 10.x.x.x dst-port 25 in via tun0 setup
03600     0       0 allow tcp from any to 10.x.x.x dst-port 22 in via tun0 setup
03700     0       0 allow tcp from any to 10.x.x.x dst-port 20,21 in via tun0 setup
03800     0       0 allow tcp from any to 10.x.x.x dst-port 49152-65535 via tun0
03900     0       0 deny log logamount 100 tcp from any to 10.x.x.x in via tun0 setup
04000   268   12864 allow tcp from 10.x.x.x to any out via tun0 setup
04100     0       0 allow tcp from any to 10.x.x.x in via sk0 setup
04200     0       0 allow tcp from 192.168.0.0/24 to any dst-port 5190 in via sk0 setup
04300   264   12672 allow tcp from 192.168.0.103 to not 192.168.0.0/24 in via sk0 setup
04400     4     192 allow tcp from 192.168.0.104 to not 192.168.0.0/24 in via sk0 setup
04500     0       0 allow tcp from 192.168.0.109 to not 192.168.0.0/24 in via sk0 setup
04600    12    1164 deny ip from any to any
65535     1      64 deny ip from any to any

Код: Выделить всё

...
01500  3146  495799 divert 8668 ip from 192.168.0.0/24 to any out via tun0
...