<% dim ModuleName,InfoID,ChannelShortName,CorrelativeArticle,InstallDir,ChannelDir,Keyword,PageTitle,ArticleIntro,Articlecontent Keyword=stripHTML("原理,内核") PageTitle=stripHTML("FreeBSD4.8 IPFW How to!") ArticleIntro=stripHTML("") Articlecontent=stripHTML("测试机IP为211.162.77.73 网卡为:xl0 内核中加了流量管理,你可以根据实际需要增删。 uname -a 如果你用的是默认内核GENERIC则如下…") ModuleName = stripHTML("classical") InfoID = stripHTML("30245") ChannelShortName=stripHTML("文章") InstallDir=stripHTML("http://www.77169.com/") ChannelDir=stripHTML("classical") %> FreeBSD4.8 IPFW How to! - 华盟网 - http://www.77169.com  <% Function stripHTML(strHTML) 'Strips the HTML tags from strHTML Dim objRegExp, strOutput Set objRegExp = New Regexp objRegExp.IgnoreCase = True objRegExp.Global = True objRegExp.Pattern = "<.+?>" 'Replace all HTML tag matches with the empty string strOutput = objRegExp.Replace(strHTML, "") 'Replace all < and > with < and > strOutput = Replace(strOutput, "<", "<") strOutput = Replace(strOutput, ">", ">") strOutput = Replace(strOutput,Chr(34),Chr(39)) stripHTML = strOutput 'Return the value of strOutput Set objRegExp = Nothing End Function %> "> 
您现在的位置: 华盟网 >> 知识库 >> 操作系统 >> FreeBSD >> 原理与内核 >> 正文

FreeBSD4.8 IPFW How to!

2005/9/1 作者:unknown 来源: unknown
导读 <% if len(ArticleIntro)<3 then Response.Write Articlecontent 'Response.Write "Articlecontent" else Response.Write ArticleIntro 'Response.Write "ArticleIntro" end if %>
测试机IP为211.162.77.73
网卡为:xl0
内核中加了流量管理,你可以根据实际需要增删。

uname -a
如果你用的是默认内核GENERIC则如下操作:
=============================================
cd /sys/i386/conf
cp GENERIC ./GENERIC_IPFW
---------------------------------
ee GENERIC_IPFW 添加以下内容

options IPFIREWALL
options IPDIVERT
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=100
options IPSTEALTH
options ACCEPT_FILTER_DATA
options ACCEPT_FILTER_HTTP
options ICMP_BANDLIM
options DUMMYNET
---------------------------------
config ./GENERIC_IPFW
cd ../../compile/GENERIC_IPFW
make depend all install
---------------------------------
ee /etc/rc.conf 添加以下内容

##########IP-firewall#################
firewall_enable="YES"
firewall_script="/etc/rc.firewall"
firewall_type="/etc/ipfw.conf"
firewall_quiet="YES"
firewall_logging_enable="YES"
---------------------------------
ee /etc/syslog.conf 添加以下内容

!ipfw
*.* /var/log/ipfw.log
---------------------------------
ee /etc/ipfw.conf 添加以下内容

add 00001 deny log ip from any to any ipopt rr
add 00002 deny log ip from any to any ipopt ts
add 00003 deny log ip from any to any ipopt ssrr
add 00004 deny log ip from any to any ipopt lsrr
add 00005 deny tcp from any to any in tcpflags syn,fin
#######tcp#########
add 10000 allow tcp from 211.162.77.77 to 211.162.77.73 22 in
add 10001 allow tcp from any to 211.162.77.73 21,25,80,110,3306,5999 in
add 19997 check-state
add 19998 allow tcp from any to any out keep-state setup
add 19999 allow tcp from any to any out
######udp##########
add 20001 allow udp from any 53 to me in recv xl0
add 20002 allow udp from any to 211.162.77.73 53 in recv xl0
add 29999 allow udp from any to any out
######icmp#########
add 30000 allow icmp from any to any icmptypes 3,4
add 30001 allow icmp from any to any icmptypes 8 out
add 30002 allow icmp from any to any icmptypes 0,11 in  
                  微信群名称:华盟-黑白之道         华盟--黑白之道⑦QQ群: 9430885

  • 上一篇文章:

  • 下一篇文章:
  • 
    网友评论
      验证码
     
    

    关注

    分享

    0

    讨论

    2

    猜你喜欢

      <%=CorrelativeArticle%>

    论坛最新贴