mirror of
https://github.com/fwbuilder/fwbuilder
synced 2025-10-15 23:18:51 +02:00
see #2524 'avoid " {tcp udp icmp} " in place of protocol'. NAT
compiler for PF does not need to generate protocol match "proto {tcp
udp icmp}" when service object used in the NAT rule is "any". The
reason this was done this way is lost in the mist of time; it's been
like this since very early versions of fwbuilder.
This commit is contained in:
Vadim Kurland
parent
49eed4d5be
commit
344a22feed
@ -1,3 +1,12 @@
|
||||
2011-06-22 Vadim Kurland <vadim@netcitadel.com>
|
||||
|
||||
* NATCompiler_pf_writers.cpp (_printProtocol): see #2524 'avoid
|
||||
" {tcp udp icmp} " in place of protocol'. NAT compiler for PF does
|
||||
not need to generate protocol match "proto {tcp udp icmp}" when
|
||||
service object used in the NAT rule is "any". The reason this was
|
||||
done this way is lost in the mist of time; it's been like this
|
||||
since very early versions of fwbuilder.
|
||||
|
||||
2011-06-21 vadim <vadim@netcitadel.com>
|
||||
|
||||
* NATCompiler_pf.cpp (compile): fixed #2428 "PF compiler crashes
|
||||
|
||||
@ -40,6 +40,7 @@
|
||||
#include "fwbuilder/IPv4.h"
|
||||
#include "fwbuilder/Firewall.h"
|
||||
#include "fwbuilder/DNSName.h"
|
||||
#include "fwbuilder/UserService.h"
|
||||
|
||||
#include <assert.h>
|
||||
#include <QStringList>
|
||||
@ -387,12 +388,14 @@ void NATCompiler_pf::PrintRule::_printProtocol(Service *srv)
|
||||
if (minus_p != string::npos) return;
|
||||
}
|
||||
|
||||
if ( !TagService::isA(srv))
|
||||
if (!srv->isAny() && !TagService::isA(srv) && !UserService::isA(srv) &&
|
||||
srv->getProtocolName()!="ip")
|
||||
{
|
||||
string s = srv->getProtocolName();
|
||||
if (s=="ip" || s=="any") s="{tcp udp icmp}";
|
||||
compiler->output << "proto " << s << " ";
|
||||
compiler->output << "proto ";
|
||||
compiler->output << srv->getProtocolName();
|
||||
compiler->output << " ";
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
/*
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<!DOCTYPE FWObjectDatabase SYSTEM "fwbuilder.dtd">
|
||||
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="21" lastModified="1297993801" id="root">
|
||||
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="22" lastModified="1297993801" id="root">
|
||||
<Library id="syslib000" color="#d4f8ff" name="Standard" comment="Standard objects" ro="True">
|
||||
<AnyNetwork id="sysid0" name="Any" comment="Any Network" ro="False" address="0.0.0.0" netmask="0.0.0.0"/>
|
||||
<AnyIPService id="sysid1" protocol_num="0" name="Any" comment="Any IP Service" ro="False"/>
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:43 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:26 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall-base-rulesets.fw /etc/fw/firewall-base-rulesets.fw
|
||||
# files: firewall-base-rulesets.conf /etc/fw/firewall-base-rulesets.conf
|
||||
@ -169,7 +169,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "en2 192.168.100.1/0xffffff00" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:43 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:26 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:43 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:27 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall-ipv6-1.fw pf-ipv6.fw
|
||||
# files: firewall-ipv6-1.conf /etc/fw/pf-ipv6.conf
|
||||
@ -181,7 +181,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "lo ::1/128 127.0.0.1/0xff000000" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:43 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:27 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -5,7 +5,7 @@
|
||||
# Tables: (5)
|
||||
table <tbl.r4.s> { 222.222.222.22 , 222.222.222.23 }
|
||||
table <tbl.r4.sx> { 2001:5c0:0:2::24 , 3ffe:1200:2000::/36 , 3ffe:1200:2001:1:8000::1 }
|
||||
table <tbl.r5.s> { 61.150.47.112 , 74.125.224.48 , 74.125.224.49 , 74.125.224.50 , 74.125.224.51 , 74.125.224.52 , 192.168.1.0 }
|
||||
table <tbl.r5.s> { 61.150.47.112 , 74.125.224.112 , 74.125.224.113 , 74.125.224.114 , 74.125.224.115 , 74.125.224.116 , 192.168.1.0 }
|
||||
table <tbl.r5.sx> { 2001:5c0:0:2::24 , 3ffe:1200:2001:1:8000::1 }
|
||||
table <tbl.r7.s> { 61.150.47.112 , 192.168.1.0 }
|
||||
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:44 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:27 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall-ipv6-2.fw pf.fw
|
||||
# files: firewall-ipv6-2.conf pf.conf
|
||||
@ -185,7 +185,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "lo ::1/128 127.0.0.1/0xff000000" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:44 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:27 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -1,9 +1,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:44 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:27 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall-ipv6-3.fw /etc/firewall-ipv6-3.fw
|
||||
# files: firewall-ipv6-3.conf /etc/firewall-ipv6-3.conf
|
||||
|
||||
@ -32,8 +32,8 @@ table <tbl.r9.s> { 211.11.11.11 , 211.22.22.22 }
|
||||
|
||||
#
|
||||
# Rule 0 (NAT)
|
||||
nat on eth1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth1)
|
||||
nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth0)
|
||||
nat on eth1 from 192.168.1.0/24 to any -> (eth1)
|
||||
nat on eth0 from 192.168.1.0/24 to any -> (eth0)
|
||||
#
|
||||
# Rule 2 (NAT)
|
||||
rdr proto tcp from any to <tbl.r2> port 25 -> 192.168.1.10 port 25
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:17 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:49:58 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall.fw /etc/pf.fw
|
||||
# files: firewall.conf /etc/pf.conf
|
||||
@ -173,7 +173,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:17 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:49:58 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -28,49 +28,49 @@ table <tbl.r9> { 22.22.22.22 , 22.22.23.23 , 192.168.1.1 , 192.168.2.1 }
|
||||
|
||||
#
|
||||
# Rule 0 (NAT)
|
||||
no nat proto {tcp udp icmp} from 192.168.1.0/24 to 192.168.2.0/24
|
||||
no rdr proto {tcp udp icmp} from 192.168.1.0/24 to 192.168.2.0/24
|
||||
no nat from 192.168.1.0/24 to 192.168.2.0/24
|
||||
no rdr from 192.168.1.0/24 to 192.168.2.0/24
|
||||
#
|
||||
# Rule 1 (NAT)
|
||||
nat proto {tcp udp icmp} from 192.168.1.10 to any -> 22.22.22.23
|
||||
nat from 192.168.1.10 to any -> 22.22.22.23
|
||||
#
|
||||
# Rule 2 (NAT)
|
||||
nat proto {tcp udp icmp} from ! 192.168.1.0/24 to 200.200.200.200 -> 22.22.22.23
|
||||
nat from ! 192.168.1.0/24 to 200.200.200.200 -> 22.22.22.23
|
||||
#
|
||||
# Rule 3 (NAT)
|
||||
nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth0)
|
||||
nat on eth1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth1)
|
||||
nat on eth2 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth2)
|
||||
nat on eth3 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth3)
|
||||
nat on eth0 from 192.168.1.0/24 to any -> (eth0)
|
||||
nat on eth1 from 192.168.1.0/24 to any -> (eth1)
|
||||
nat on eth2 from 192.168.1.0/24 to any -> (eth2)
|
||||
nat on eth3 from 192.168.1.0/24 to any -> (eth3)
|
||||
#
|
||||
# Rule 4 (NAT)
|
||||
nat on eth1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth1)
|
||||
nat on eth3 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth3)
|
||||
nat on eth1 from 192.168.1.0/24 to any -> (eth1)
|
||||
nat on eth3 from 192.168.1.0/24 to any -> (eth3)
|
||||
#
|
||||
# Rule 5 (NAT)
|
||||
# more examples
|
||||
# of NAT rules with
|
||||
# multiple objects in TSrc
|
||||
# in firewall3
|
||||
nat proto {tcp udp icmp} from 192.168.1.0/24 to any -> { 22.22.22.50 , 22.22.22.51 }
|
||||
nat from 192.168.1.0/24 to any -> { 22.22.22.50 , 22.22.22.51 }
|
||||
#
|
||||
# Rule 6 (NAT)
|
||||
nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth0)
|
||||
nat on eth1 proto {tcp udp icmp} from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth1)
|
||||
nat on eth2 proto {tcp udp icmp} from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth2)
|
||||
nat on eth3 proto {tcp udp icmp} from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth3)
|
||||
nat on eth0 from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth0)
|
||||
nat on eth1 from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth1)
|
||||
nat on eth2 from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth2)
|
||||
nat on eth3 from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth3)
|
||||
#
|
||||
# Rule 7 (NAT)
|
||||
nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to ! <tbl.r7> -> (eth0)
|
||||
nat on eth1 proto {tcp udp icmp} from 192.168.1.0/24 to ! <tbl.r7> -> (eth1)
|
||||
nat on eth2 proto {tcp udp icmp} from 192.168.1.0/24 to ! <tbl.r7> -> (eth2)
|
||||
nat on eth3 proto {tcp udp icmp} from 192.168.1.0/24 to ! <tbl.r7> -> (eth3)
|
||||
nat on eth0 from 192.168.1.0/24 to ! <tbl.r7> -> (eth0)
|
||||
nat on eth1 from 192.168.1.0/24 to ! <tbl.r7> -> (eth1)
|
||||
nat on eth2 from 192.168.1.0/24 to ! <tbl.r7> -> (eth2)
|
||||
nat on eth3 from 192.168.1.0/24 to ! <tbl.r7> -> (eth3)
|
||||
#
|
||||
# Rule 8 (NAT)
|
||||
nat on eth0 proto {tcp udp icmp} from ! 192.168.2.0/24 to any -> (eth0)
|
||||
nat on eth1 proto {tcp udp icmp} from ! 192.168.2.0/24 to any -> (eth1)
|
||||
nat on eth2 proto {tcp udp icmp} from ! 192.168.2.0/24 to any -> (eth2)
|
||||
nat on eth3 proto {tcp udp icmp} from ! 192.168.2.0/24 to any -> (eth3)
|
||||
nat on eth0 from ! 192.168.2.0/24 to any -> (eth0)
|
||||
nat on eth1 from ! 192.168.2.0/24 to any -> (eth1)
|
||||
nat on eth2 from ! 192.168.2.0/24 to any -> (eth2)
|
||||
nat on eth3 from ! 192.168.2.0/24 to any -> (eth3)
|
||||
#
|
||||
# Rule 9 (NAT)
|
||||
rdr proto tcp from 192.168.1.0/24 to ! <tbl.r9> port 80 -> 127.0.0.1 port 3128
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:18 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:49:58 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall1.fw /etc/fw/firewall1.fw
|
||||
# files: firewall1.conf /etc/fw/firewall1.conf
|
||||
@ -76,7 +76,7 @@ configure_interfaces() {
|
||||
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:18 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:49:58 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -7,7 +7,7 @@ scrub in all fragment reassemble
|
||||
|
||||
#
|
||||
# Rule 1 (NAT)
|
||||
nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth0)
|
||||
nat on eth0 from 192.168.1.0/24 to any -> (eth0)
|
||||
|
||||
#
|
||||
# Rule backup ssh access rule
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:19 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:00 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall10-1.fw /etc/fw/firewall10-1.fw
|
||||
# files: firewall10-1.conf /etc/fw/firewall10-1.conf
|
||||
@ -74,7 +74,7 @@ configure_interfaces() {
|
||||
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:19 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:00 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -8,7 +8,7 @@ scrub in all fragment reassemble
|
||||
|
||||
#
|
||||
# Rule 1 (NAT)
|
||||
nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth0)
|
||||
nat on eth0 from 192.168.1.0/24 to any -> (eth0)
|
||||
|
||||
#
|
||||
# Rule backup ssh access rule
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:20 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:00 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall10-2.fw /etc/fw/firewall10-2.fw
|
||||
# files: firewall10-2.conf /etc/fw/firewall10-2.conf
|
||||
@ -74,7 +74,7 @@ configure_interfaces() {
|
||||
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:20 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:00 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -7,7 +7,7 @@ scrub in all fragment reassemble
|
||||
|
||||
#
|
||||
# Rule 1 (NAT)
|
||||
nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth0)
|
||||
nat on eth0 from 192.168.1.0/24 to any -> (eth0)
|
||||
|
||||
#
|
||||
# Rule backup ssh access rule
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:21 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:02 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall10-3.fw /etc/fw/firewall10-3.fw
|
||||
# files: firewall10-3.conf /etc/fw/firewall10-3.conf
|
||||
@ -76,7 +76,7 @@ configure_interfaces() {
|
||||
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:21 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:02 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -8,7 +8,7 @@ scrub in all fragment reassemble
|
||||
|
||||
#
|
||||
# Rule 1 (NAT)
|
||||
nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth0)
|
||||
nat on eth0 from 192.168.1.0/24 to any -> (eth0)
|
||||
|
||||
#
|
||||
# Rule backup ssh access rule
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:22 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:04 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall10-4.fw /etc/fw/firewall10-4.fw
|
||||
# files: firewall10-4.conf /etc/fw/firewall10-4.conf
|
||||
@ -76,7 +76,7 @@ configure_interfaces() {
|
||||
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:22 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:04 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -7,7 +7,7 @@ scrub in all fragment reassemble
|
||||
|
||||
#
|
||||
# Rule 1 (NAT)
|
||||
nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth0)
|
||||
nat on eth0 from 192.168.1.0/24 to any -> (eth0)
|
||||
|
||||
#
|
||||
# Rule backup ssh access rule
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:24 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:05 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall10-5.fw /etc/fw/firewall10-5.fw
|
||||
# files: firewall10-5.conf /etc/fw/firewall10-5.conf
|
||||
@ -77,7 +77,7 @@ configure_interfaces() {
|
||||
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:24 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:05 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -8,7 +8,7 @@ scrub in all fragment reassemble
|
||||
|
||||
#
|
||||
# Rule 1 (NAT)
|
||||
nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth0)
|
||||
nat on eth0 from 192.168.1.0/24 to any -> (eth0)
|
||||
|
||||
#
|
||||
# Rule backup ssh access rule
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:25 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:06 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall10-6.fw /etc/fw/firewall10-6.fw
|
||||
# files: firewall10-6.conf /etc/fw/firewall10-6.conf
|
||||
@ -77,7 +77,7 @@ configure_interfaces() {
|
||||
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:25 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:06 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:18 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:49:58 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall100.fw /etc/fw/pf.fw
|
||||
# files: firewall100.conf /etc/fw/path\ with\ space/pf.conf
|
||||
@ -167,7 +167,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "em1 10.1.1.81/0xffffff00" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:18 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:49:58 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:19 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:00 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall101.fw /etc/fw/pf.fw
|
||||
# files: firewall101.conf /etc/fw/path\ with\ space/pf.conf
|
||||
@ -170,7 +170,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "em1 10.1.1.81/0xffffff00" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:19 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:00 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -1,9 +1,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:20 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:00 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall102.fw /etc/fw/pf.fw
|
||||
# files: firewall102.conf /etc/fw/path\ with\ space/pf.conf
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:22 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:02 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall103-1.fw /etc/fw/pf.fw
|
||||
# files: firewall103-1.conf /etc/fw/path\ with\ space/pf.conf
|
||||
@ -394,7 +394,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "bridge0 192.168.1.1/0xffffff00" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:22 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:02 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:22 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:02 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall103-2.fw /etc/fw/pf.fw
|
||||
# files: firewall103-2.conf /etc/fw/path\ with\ space/pf.conf
|
||||
@ -394,7 +394,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "bridge0 192.168.1.1/0xffffff00" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:22 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:02 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:21 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:02 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall103.fw /etc/fw/pf.fw
|
||||
# files: firewall103.conf /etc/fw/path\ with\ space/pf.conf
|
||||
@ -397,7 +397,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "bridge0 192.168.1.1/0xffffff00" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:21 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:02 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:23 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:04 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall104-1.fw /etc/fw/pf.fw
|
||||
# files: firewall104-1.conf /etc/fw/path\ with\ space/pf.conf
|
||||
@ -393,7 +393,7 @@ configure_interfaces() {
|
||||
$IFCONFIG bridge0 -stp em3
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:23 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:04 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:22 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:03 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall104.fw /etc/fw/pf.fw
|
||||
# files: firewall104.conf /etc/fw/path\ with\ space/pf.conf
|
||||
@ -396,7 +396,7 @@ configure_interfaces() {
|
||||
$IFCONFIG bridge0 stp em3
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:22 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:03 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -1,9 +1,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:23 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:04 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall105.fw /etc/fw/pf.fw
|
||||
# files: firewall105.conf /etc/fw/path\ with\ space/pf.conf
|
||||
|
||||
@ -1,9 +1,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:24 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:06 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall106.fw /etc/fw/pf.fw
|
||||
# files: firewall106.conf /etc/fw/path\ with\ space/pf.conf
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:25 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:06 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall107.fw /etc/fw/pf.fw
|
||||
# files: firewall107.conf /etc/fw/path\ with\ space/pf.conf
|
||||
@ -395,7 +395,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "vlan102 192.168.102.1/0xffffff00" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:25 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:06 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -1,9 +1,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:26 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:07 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall108.fw /etc/fw/pf.fw
|
||||
# files: firewall108.conf /etc/fw/path\ with\ space/pf.conf
|
||||
|
||||
@ -1,9 +1,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:27 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:08 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall109-1.fw /etc/fw/pf.fw
|
||||
# files: firewall109-1.conf /etc/fw/path\ with\ space/pf.conf
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:27 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:08 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall109-2.fw /etc/fw/pf.fw
|
||||
# files: firewall109-2.conf /etc/fw/path\ with\ space/pf.conf
|
||||
@ -400,7 +400,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "bridge0 192.168.1.1/0xffffff00" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:27 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:08 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -1,9 +1,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:28 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:08 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall109-3.fw /etc/fw/pf.fw
|
||||
# files: firewall109-3.conf /etc/fw/path\ with\ space/pf.conf
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:26 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:07 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall109.fw /etc/fw/pf.fw
|
||||
# files: firewall109.conf /etc/fw/path\ with\ space/pf.conf
|
||||
@ -401,7 +401,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "bridge0 192.168.1.1/0xffffff00" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:26 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:07 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:28 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:09 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall11.fw /etc/firewall11.fw
|
||||
# files: firewall11.conf /etc/firewall11.conf
|
||||
@ -77,7 +77,7 @@ configure_interfaces() {
|
||||
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:28 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:09 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:28 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:10 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall110.fw /etc/fw/firewall110.fw
|
||||
# files: firewall110.conf /etc/fw/firewall110.conf
|
||||
@ -76,7 +76,7 @@ configure_interfaces() {
|
||||
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:28 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:10 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:29 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:10 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall111.fw /etc/fw/firewall111.fw
|
||||
# files: firewall111.conf /etc/fw/firewall111.conf
|
||||
@ -86,7 +86,7 @@ configure_interfaces() {
|
||||
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:29 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:10 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:29 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:10 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall12.fw /etc/fw/firewall12.fw
|
||||
# files: firewall12.conf /etc/fw/firewall12.conf
|
||||
@ -165,7 +165,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "lo0 127.0.0.1/0xff000000" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:29 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:10 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:29 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:11 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall13.fw /etc/fw/firewall13.fw
|
||||
# files: firewall13.conf /etc/fw/firewall13.conf
|
||||
@ -88,7 +88,7 @@ configure_interfaces() {
|
||||
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:29 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:11 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:30 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:12 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall14-1.fw /etc/firewall14-1.fw
|
||||
# files: firewall14-1.conf /etc/firewall14-1.conf
|
||||
@ -248,7 +248,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "vlan103 10.100.103.1/0xffffff00" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:30 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:12 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:30 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:12 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall14.fw /etc/firewall14.fw
|
||||
# files: firewall14.conf /etc/firewall14.conf
|
||||
@ -248,7 +248,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "vlan103 10.100.103.1/0xffffff00" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:30 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:12 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -42,7 +42,7 @@ table <tbl.r0> { 22.22.22.22 , 192.168.1.1 }
|
||||
# firewall2-1:NAT:17: warning: Translated Src, Dst and Srv are ignored in the NAT rule with action 'Branch'
|
||||
#
|
||||
# Rule 0 (NAT)
|
||||
rdr on { eth1 eth0 } proto {tcp udp icmp} from any to <tbl.r0> -> 192.168.1.10
|
||||
rdr on { eth1 eth0 } from any to <tbl.r0> -> 192.168.1.10
|
||||
#
|
||||
# Rule 8 (NAT)
|
||||
no nat proto tcp from 192.168.1.0/24 to any
|
||||
@ -56,7 +56,7 @@ no rdr proto tcp from any to 22.22.22.22
|
||||
rdr proto tcp from any to (eth1) port 1080 -> { 192.168.1.10 , 192.168.1.20 } port 1080
|
||||
#
|
||||
# Rule 14 (NAT)
|
||||
nat proto {tcp udp icmp} from 192.168.1.0/24 to any -> 22.22.22.0/28
|
||||
nat from 192.168.1.0/24 to any -> 22.22.22.0/28
|
||||
#
|
||||
# Rule 17 (NAT)
|
||||
# firewall2-1:NAT:17: warning: Translated Src, Dst and Srv are ignored in the NAT rule with action 'Branch'
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:32 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:14 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall2-1.fw /etc/fw/firewall2-1.fw
|
||||
# files: firewall2-1.conf /etc/fw/firewall2-1.conf
|
||||
@ -88,7 +88,7 @@ configure_interfaces() {
|
||||
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:32 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:14 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -4,53 +4,53 @@
|
||||
#
|
||||
# Rule 0 (NAT)
|
||||
# NETMAP and no -o itf
|
||||
nat proto {tcp udp icmp} from 192.168.1.0/24 to any -> 22.22.22.0/24
|
||||
nat from 192.168.1.0/24 to any -> 22.22.22.0/24
|
||||
#
|
||||
# Rule 1 (NAT)
|
||||
nat on em1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> 222.222.222.40
|
||||
nat on em1 from 192.168.1.0/24 to any -> 222.222.222.40
|
||||
#
|
||||
# Rule 2 (NAT)
|
||||
#
|
||||
nat on em3 proto {tcp udp icmp} from 192.168.1.0/24 to any -> 222.222.222.40
|
||||
nat on em3 from 192.168.1.0/24 to any -> 222.222.222.40
|
||||
#
|
||||
# Rule 3 (NAT)
|
||||
#
|
||||
nat on { em1 em3 } proto {tcp udp icmp} from 192.168.1.0/24 to any -> 222.222.222.40
|
||||
nat on { em1 em3 } from 192.168.1.0/24 to any -> 222.222.222.40
|
||||
#
|
||||
# Rule 4 (NAT)
|
||||
nat on { em1 em3 } proto {tcp udp icmp} from 192.168.1.0/24 to any -> 222.222.222.40
|
||||
nat on { em1 em3 } from 192.168.1.0/24 to any -> 222.222.222.40
|
||||
#
|
||||
# Rule 5 (NAT)
|
||||
#
|
||||
nat on ! em3 proto {tcp udp icmp} from 192.168.1.0/24 to any -> 222.222.222.40
|
||||
nat on ! em3 from 192.168.1.0/24 to any -> 222.222.222.40
|
||||
#
|
||||
# Rule 6 (NAT)
|
||||
#
|
||||
nat on { em0 em2 } proto {tcp udp icmp} from 192.168.1.0/24 to any -> 222.222.222.40
|
||||
nat on { em0 em2 } from 192.168.1.0/24 to any -> 222.222.222.40
|
||||
#
|
||||
# Rule 7 (NAT)
|
||||
nat on { em0 em2 } proto {tcp udp icmp} from 192.168.1.0/24 to any -> 222.222.222.40
|
||||
nat on { em0 em2 } from 192.168.1.0/24 to any -> 222.222.222.40
|
||||
#
|
||||
# Rule 8 (NAT)
|
||||
rdr proto {tcp udp icmp} from any to 222.222.222.40 -> 192.168.1.10
|
||||
rdr from any to 222.222.222.40 -> 192.168.1.10
|
||||
#
|
||||
# Rule 9 (NAT)
|
||||
rdr on em0 proto {tcp udp icmp} from any to 222.222.222.40 -> 192.168.1.10
|
||||
rdr on em0 from any to 222.222.222.40 -> 192.168.1.10
|
||||
#
|
||||
# Rule 10 (NAT)
|
||||
rdr on { em0 em2 } proto {tcp udp icmp} from any to 222.222.222.40 -> 192.168.1.10
|
||||
rdr on { em0 em2 } from any to 222.222.222.40 -> 192.168.1.10
|
||||
#
|
||||
# Rule 11 (NAT)
|
||||
rdr on { em0 em2 } proto {tcp udp icmp} from any to 222.222.222.40 -> 192.168.1.10
|
||||
rdr on { em0 em2 } from any to 222.222.222.40 -> 192.168.1.10
|
||||
#
|
||||
# Rule 12 (NAT)
|
||||
rdr on ! em0 proto {tcp udp icmp} from any to 222.222.222.40 -> 192.168.1.10
|
||||
rdr on ! em0 from any to 222.222.222.40 -> 192.168.1.10
|
||||
#
|
||||
# Rule 13 (NAT)
|
||||
rdr on { em1 em3 } proto {tcp udp icmp} from any to 222.222.222.40 -> 192.168.1.10
|
||||
rdr on { em1 em3 } from any to 222.222.222.40 -> 192.168.1.10
|
||||
#
|
||||
# Rule 14 (NAT)
|
||||
rdr on { em1 em3 } proto {tcp udp icmp} from any to 222.222.222.40 -> 192.168.1.10
|
||||
rdr on { em1 em3 } from any to 222.222.222.40 -> 192.168.1.10
|
||||
#
|
||||
# Rule 15 (NAT)
|
||||
# REDIRECT
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:33 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:14 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall2-6.fw /etc/firewall2-6.fw
|
||||
# files: firewall2-6.conf /etc/firewall2-6.conf
|
||||
@ -170,7 +170,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:33 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:14 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -30,17 +30,17 @@ table <tbl.r5.s> { self , 192.168.1.0/24 }
|
||||
|
||||
#
|
||||
# Rule 0 (NAT)
|
||||
nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth0)
|
||||
nat on eth1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth1)
|
||||
nat on eth3 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth3)
|
||||
nat on eth2 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth2)
|
||||
nat on eth4 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth4)
|
||||
nat on eth0 from 192.168.1.0/24 to any -> (eth0)
|
||||
nat on eth1 from 192.168.1.0/24 to any -> (eth1)
|
||||
nat on eth3 from 192.168.1.0/24 to any -> (eth3)
|
||||
nat on eth2 from 192.168.1.0/24 to any -> (eth2)
|
||||
nat on eth4 from 192.168.1.0/24 to any -> (eth4)
|
||||
#
|
||||
# Rule 1 (NAT)
|
||||
nat proto {tcp udp icmp} from <tbl.r1> to any -> 22.22.22.23
|
||||
nat from <tbl.r1> to any -> 22.22.22.23
|
||||
#
|
||||
# Rule 2 (NAT)
|
||||
nat proto {tcp udp icmp} from 192.168.1.0/24 to <tbl.r1> -> 192.168.1.1
|
||||
nat from 192.168.1.0/24 to <tbl.r1> -> 192.168.1.1
|
||||
#
|
||||
# Rule 3 (NAT)
|
||||
nat on eth0 proto tcp from 192.168.1.0/24 to any port 80 -> (eth0)
|
||||
@ -69,7 +69,7 @@ nat proto icmp from <tbl.r1> to any -> 22.22.22.23
|
||||
nat proto udp from 192.168.1.0/24 to <tbl.r1> port 53 -> 192.168.1.1
|
||||
#
|
||||
# Rule 9 (NAT)
|
||||
rdr proto {tcp udp icmp} from any to 22.22.22.23 -> 192.168.1.10
|
||||
rdr from any to 22.22.22.23 -> 192.168.1.10
|
||||
#
|
||||
# Rule 10 (NAT)
|
||||
rdr proto tcp from any to 22.22.22.23 port 80 -> 192.168.1.10 port 80
|
||||
@ -79,16 +79,16 @@ rdr proto tcp from any to 22.22.22.23 port 119 -> 192.168.1.10 port 119
|
||||
rdr proto tcp from any to 22.22.22.22 port 119 -> 192.168.1.10 port 119
|
||||
#
|
||||
# Rule 12 (NAT)
|
||||
nat proto {tcp udp icmp} from 192.168.1.20 to any -> 22.22.23.24
|
||||
nat from 192.168.1.20 to any -> 22.22.23.24
|
||||
#
|
||||
# Rule 16 (NAT)
|
||||
rdr proto {tcp udp icmp} from any to <tbl.r16> -> 192.168.1.10
|
||||
rdr from any to <tbl.r16> -> 192.168.1.10
|
||||
#
|
||||
# Rule 17 (NAT)
|
||||
rdr on eth1 proto {tcp udp icmp} from any to 22.22.22.22 -> 192.168.1.10
|
||||
rdr on eth1 from any to 22.22.22.22 -> 192.168.1.10
|
||||
#
|
||||
# Rule 18 (NAT)
|
||||
rdr on eth1 proto {tcp udp icmp} from any to 22.22.22.22 -> 192.168.1.10
|
||||
rdr on eth1 from any to 22.22.22.22 -> 192.168.1.10
|
||||
#
|
||||
# Rule 19 (NAT)
|
||||
rdr proto 47 from any to <tbl.r16> -> 192.168.1.10
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:31 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:12 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall2.fw /etc/fw/firewall2.fw
|
||||
# files: firewall2.conf /etc/fw/firewall2.conf
|
||||
@ -73,7 +73,7 @@ configure_interfaces() {
|
||||
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:31 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:12 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -3,18 +3,18 @@
|
||||
|
||||
#
|
||||
# Rule 0 (NAT)
|
||||
nat on dc2 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (dc2)
|
||||
nat on dc0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (dc0)
|
||||
nat on dc1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (dc1)
|
||||
nat on dc2 from 192.168.1.0/24 to any -> (dc2)
|
||||
nat on dc0 from 192.168.1.0/24 to any -> (dc0)
|
||||
nat on dc1 from 192.168.1.0/24 to any -> (dc1)
|
||||
#
|
||||
# Rule 1 (NAT)
|
||||
nat on dc1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (dc1)
|
||||
nat on dc1 from 192.168.1.0/24 to any -> (dc1)
|
||||
#
|
||||
# Rule 2 (NAT)
|
||||
nat on dc1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> 222.222.222.20
|
||||
nat on dc1 from 192.168.1.0/24 to any -> 222.222.222.20
|
||||
#
|
||||
# Rule 3 (NAT)
|
||||
nat on dc0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> 222.222.222.40
|
||||
nat on dc0 from 192.168.1.0/24 to any -> 222.222.222.40
|
||||
|
||||
#
|
||||
# Rule 0 (dc0)
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:31 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:12 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall20.fw /etc/fw/firewall20.fw
|
||||
# files: firewall20.conf /etc/fw/firewall20.conf
|
||||
@ -73,7 +73,7 @@ configure_interfaces() {
|
||||
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:31 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:12 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
#
|
||||
# Rule NAT_1 0 (NAT)
|
||||
nat on en1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (en1)
|
||||
nat on en0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (en0)
|
||||
nat on en1 from 192.168.1.0/24 to any -> (en1)
|
||||
nat on en0 from 192.168.1.0/24 to any -> (en0)
|
||||
|
||||
|
||||
@ -12,14 +12,14 @@ rdr-anchor "ftp-proxy/*"
|
||||
rdr proto tcp from 192.168.1.0/24 to any port 21 -> 127.0.0.1 port 8021
|
||||
#
|
||||
# Rule 2 (NAT)
|
||||
nat-anchor "NAT_1" proto {tcp udp icmp} from 192.168.1.0/24 to any
|
||||
rdr-anchor "NAT_1" proto {tcp udp icmp} from 192.168.1.0/24 to any
|
||||
nat-anchor "NAT_1" from 192.168.1.0/24 to any
|
||||
rdr-anchor "NAT_1" from 192.168.1.0/24 to any
|
||||
#
|
||||
# Rule 3 (NAT)
|
||||
# firewall21:NAT:3: warning: Translated Src, Dst and Srv are ignored in the NAT rule with action 'Branch'
|
||||
|
||||
nat-anchor "NAT_1" proto {tcp udp icmp} from 192.168.1.0/24 to any
|
||||
rdr-anchor "NAT_1" proto {tcp udp icmp} from 192.168.1.0/24 to any
|
||||
nat-anchor "NAT_1" from 192.168.1.0/24 to any
|
||||
rdr-anchor "NAT_1" from 192.168.1.0/24 to any
|
||||
|
||||
#
|
||||
# Rule 0 (global)
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:32 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:14 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall21.fw /etc/fw/firewall21.fw
|
||||
# files: firewall21.conf /etc/fw/firewall21.conf
|
||||
@ -81,7 +81,7 @@ configure_interfaces() {
|
||||
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:32 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:14 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
#
|
||||
# Rule NAT_1 0 (NAT)
|
||||
nat on en1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (en1)
|
||||
nat on en0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (en0)
|
||||
nat on en1 from 192.168.1.0/24 to any -> (en1)
|
||||
nat on en0 from 192.168.1.0/24 to any -> (en0)
|
||||
|
||||
|
||||
@ -14,14 +14,14 @@ nat-anchor "ftp-proxy/*"
|
||||
rdr-anchor "ftp-proxy/*"
|
||||
#
|
||||
# Rule 1 (NAT)
|
||||
nat-anchor "NAT_1" proto {tcp udp icmp} from 192.168.1.0/24 to any
|
||||
rdr-anchor "NAT_1" proto {tcp udp icmp} from 192.168.1.0/24 to any
|
||||
nat-anchor "NAT_1" from 192.168.1.0/24 to any
|
||||
rdr-anchor "NAT_1" from 192.168.1.0/24 to any
|
||||
#
|
||||
# Rule 2 (NAT)
|
||||
# firewall22:NAT:2: warning: Translated Src, Dst and Srv are ignored in the NAT rule with action 'Branch'
|
||||
|
||||
nat-anchor "NAT_1" proto {tcp udp icmp} from 192.168.1.0/24 to any
|
||||
rdr-anchor "NAT_1" proto {tcp udp icmp} from 192.168.1.0/24 to any
|
||||
nat-anchor "NAT_1" from 192.168.1.0/24 to any
|
||||
rdr-anchor "NAT_1" from 192.168.1.0/24 to any
|
||||
|
||||
#
|
||||
# Rule 0 (global)
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:33 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:14 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall22.fw /etc/fw/firewall22.fw
|
||||
# files: firewall22.conf /etc/fw/firewall22.conf
|
||||
@ -80,7 +80,7 @@ configure_interfaces() {
|
||||
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:33 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:14 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -19,19 +19,19 @@ scrub out all random-id
|
||||
#
|
||||
#
|
||||
# Rule 0 (NAT)
|
||||
nat on le0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> 22.22.22.21
|
||||
nat on le0 from 192.168.1.0/24 to any -> 22.22.22.21
|
||||
#
|
||||
# Rule 1 (NAT)
|
||||
nat on le0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (le0) bitmask
|
||||
nat on le0 from 192.168.1.0/24 to any -> (le0) bitmask
|
||||
#
|
||||
# Rule 2 (NAT)
|
||||
nat proto {tcp udp icmp} from 192.168.1.0/24 to any -> 22.22.22.0/28 source-hash
|
||||
nat from 192.168.1.0/24 to any -> 22.22.22.0/28 source-hash
|
||||
#
|
||||
# Rule 3 (NAT)
|
||||
nat proto {tcp udp icmp} from 192.168.1.0/24 to any -> { 22.22.22.1 , 22.22.22.2/31 , 22.22.22.4 , 22.22.22.5 } round-robin static-port
|
||||
nat from 192.168.1.0/24 to any -> { 22.22.22.1 , 22.22.22.2/31 , 22.22.22.4 , 22.22.22.5 } round-robin static-port
|
||||
#
|
||||
# Rule 4 (NAT)
|
||||
rdr proto {tcp udp icmp} from any to 22.22.22.21 -> { 192.168.1.10 , 192.168.1.20 } round-robin
|
||||
rdr from any to 22.22.22.21 -> { 192.168.1.10 , 192.168.1.20 } round-robin
|
||||
|
||||
# Policy compiler errors and warnings:
|
||||
# firewall3:Policy:0: warning: Changing rule direction due to self reference
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:34 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:15 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall3.fw /etc/firewall3.fw
|
||||
# files: firewall3.conf /etc/firewall3.conf
|
||||
@ -165,7 +165,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:34 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:15 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -2,28 +2,28 @@
|
||||
|
||||
|
||||
|
||||
# Tables: (4)
|
||||
# Tables: (3)
|
||||
table <tbl.r0> { 157.166.224.25 , 157.166.224.26 , 157.166.226.25 , 157.166.226.26 , 157.166.255.18 , 157.166.255.19 }
|
||||
table <tbl.r10.d> { www.google.com , 157.166.224.25 , 157.166.224.26 , 157.166.226.25 , 157.166.226.26 , 157.166.255.18 , 157.166.255.19 }
|
||||
table <tbl.r2> { www.google.com , www.cnn.com }
|
||||
table <tbl.r8.d> { 74.125.224.48 , 74.125.224.49 , 74.125.224.50 , 74.125.224.51 , 74.125.224.52 , 157.166.224.25 , 157.166.224.26 , 157.166.226.25 , 157.166.226.26 , 157.166.255.18 , 157.166.255.19 }
|
||||
|
||||
#
|
||||
# Rule 0 (NAT)
|
||||
nat on eth0.100 proto {tcp udp icmp} from any to <tbl.r0> -> (eth0.100)
|
||||
nat on eth0.100 from any to <tbl.r0> -> (eth0.100)
|
||||
#
|
||||
# Rule 1 (NAT)
|
||||
nat on eth0.100 proto {tcp udp icmp} from any to www.cnn.com -> (eth0.100)
|
||||
nat on eth0.100 from any to www.cnn.com -> (eth0.100)
|
||||
#
|
||||
# Rule 2 (NAT)
|
||||
nat on eth0.100 proto {tcp udp icmp} from any to <tbl.r2> -> (eth0.100)
|
||||
nat on eth0.100 from any to <tbl.r2> -> (eth0.100)
|
||||
#
|
||||
# Rule 3 (NAT)
|
||||
nat on eth0.100 proto {tcp udp icmp} from any to ! <tbl.r2> -> (eth0.100)
|
||||
nat on eth0.100 from any to ! <tbl.r2> -> (eth0.100)
|
||||
|
||||
# Policy compiler errors and warnings:
|
||||
# firewall33:Policy:2: error: DNSName object "buildmaster (ct)" (compile time) can not resolve dns name "buildmaster" (AF_INET): Host or network 'buildmaster' not found; last error: Unknown error Using dummy address in test mode
|
||||
# firewall33:Policy:6: error: DNSName object "buildmaster (ct)" (compile time) can not resolve dns name "buildmaster" (AF_INET): Host or network 'buildmaster' not found; last error: Unknown error Using dummy address in test mode
|
||||
# firewall33:Policy:8: error: Empty group or address table object 'google (ct)' is used in the rule but option 'Ignore rules with empty groups' is off
|
||||
#
|
||||
# Rule 0 (global)
|
||||
pass quick inet from <tbl.r0> to any keep state label "RULE 0 -- ACCEPT on global "
|
||||
@ -54,7 +54,9 @@ pass quick inet from any to ! 192.0.2.1 keep state label "RULE 6 -- ACCEPT o
|
||||
pass quick inet from any to ! buildmaster keep state label "RULE 7 -- ACCEPT on global "
|
||||
#
|
||||
# Rule 8 (global)
|
||||
pass quick inet from any to ! <tbl.r8.d> keep state label "RULE 8 -- ACCEPT on global "
|
||||
# firewall33:Policy:8: error: Empty group or address table object 'google (ct)' is used in the rule but option 'Ignore rules with empty groups' is off
|
||||
|
||||
pass quick inet from any to ! <tbl.r0> keep state label "RULE 8 -- ACCEPT on global "
|
||||
#
|
||||
# Rule 9 (global)
|
||||
pass quick inet from any to ! <tbl.r2> keep state label "RULE 9 -- ACCEPT on global "
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:34 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:17 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall33.fw /etc/fw/firewall33.fw
|
||||
# files: firewall33.conf /etc/fw/firewall33.conf
|
||||
@ -15,6 +15,7 @@
|
||||
|
||||
# firewall33:Policy:2: error: DNSName object "buildmaster (ct)" (compile time) can not resolve dns name "buildmaster" (AF_INET): Host or network 'buildmaster' not found; last error: Unknown error Using dummy address in test mode
|
||||
# firewall33:Policy:6: error: DNSName object "buildmaster (ct)" (compile time) can not resolve dns name "buildmaster" (AF_INET): Host or network 'buildmaster' not found; last error: Unknown error Using dummy address in test mode
|
||||
# firewall33:Policy:8: error: Empty group or address table object 'google (ct)' is used in the rule but option 'Ignore rules with empty groups' is off
|
||||
|
||||
|
||||
|
||||
@ -168,7 +169,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:34 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:17 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -17,20 +17,20 @@ rdr on eth0.100 proto tcp from <block these> to (eth0.100) port 25 -> 192.168.1
|
||||
rdr on eth0.100 proto tcp from <tbl.r1> to (eth0.100) port 25 -> 192.168.1.10 port 25
|
||||
#
|
||||
# Rule 2 (NAT)
|
||||
nat on eth0.100 proto {tcp udp icmp} from 192.168.1.0/24 to ! <block these> -> (eth0.100)
|
||||
nat on eth0.100 from 192.168.1.0/24 to ! <block these> -> (eth0.100)
|
||||
#
|
||||
# Rule 3 (NAT)
|
||||
rdr proto tcp from any to (eth0.100) port 25 -> { 192.168.1.1 , 192.168.1.2 , 192.168.1.200 , 192.168.1.201 , 192.168.1.3/30 , 192.168.2.128/25 } port 25
|
||||
#
|
||||
# Rule 4 (NAT)
|
||||
rdr proto {tcp udp icmp} from any to (eth0.100) -> { 192.168.1.1 , 192.168.1.2 , 192.168.1.200 , 192.168.1.201 , 192.168.1.3/30 , 192.168.2.128/25 }
|
||||
rdr from any to (eth0.100) -> { 192.168.1.1 , 192.168.1.2 , 192.168.1.200 , 192.168.1.201 , 192.168.1.3/30 , 192.168.2.128/25 }
|
||||
#
|
||||
# Rule 5 (NAT)
|
||||
no nat proto {tcp udp icmp} from 192.168.1.0/24 to <block these>
|
||||
no rdr proto {tcp udp icmp} from 192.168.1.0/24 to <block these>
|
||||
no nat from 192.168.1.0/24 to <block these>
|
||||
no rdr from 192.168.1.0/24 to <block these>
|
||||
#
|
||||
# Rule 6 (NAT)
|
||||
rdr proto {tcp udp icmp} from 192.168.1.0/24 to <block these> -> (lo)
|
||||
rdr from 192.168.1.0/24 to <block these> -> (lo)
|
||||
|
||||
#
|
||||
# Rule 0 (global)
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:35 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:16 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall34.fw /etc/fw/firewall34.fw
|
||||
# files: firewall34.conf /etc/fw/firewall34.conf
|
||||
@ -164,7 +164,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:35 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:16 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -7,8 +7,8 @@ scrub in all fragment reassemble
|
||||
|
||||
#
|
||||
# Rule 0 (NAT)
|
||||
nat on le0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (le0)
|
||||
nat on enc1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (enc1)
|
||||
nat on le0 from 192.168.1.0/24 to any -> (le0)
|
||||
nat on enc1 from 192.168.1.0/24 to any -> (enc1)
|
||||
#
|
||||
# Rule 1 (NAT)
|
||||
nat on le0 from 192.168.1.0/24 to any tagged ipsec_tag -> (le0)
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:35 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:16 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall38.fw /etc/fw/firewall38.fw
|
||||
# files: firewall38.conf /etc/fw/firewall38.conf
|
||||
@ -76,7 +76,7 @@ configure_interfaces() {
|
||||
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:35 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:16 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -7,8 +7,8 @@ scrub in all fragment reassemble
|
||||
|
||||
#
|
||||
# Rule 0 (NAT)
|
||||
nat on le0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (le0)
|
||||
nat on enc1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (enc1)
|
||||
nat on le0 from 192.168.1.0/24 to any -> (le0)
|
||||
nat on enc1 from 192.168.1.0/24 to any -> (enc1)
|
||||
#
|
||||
# Rule 1 (NAT)
|
||||
nat on le0 from 192.168.1.0/24 to any tagged ipsec_tag -> (le0)
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:35 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:17 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall39.fw pf.fw
|
||||
# files: firewall39.conf pf.conf
|
||||
@ -79,7 +79,7 @@ configure_interfaces() {
|
||||
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:35 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:17 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -19,16 +19,16 @@ table <tbl.r6.s> { 192.168.1.10 , 192.168.1.20 }
|
||||
#
|
||||
#
|
||||
# Rule 0 (NAT)
|
||||
nat on eth0 proto {tcp udp icmp} from 192.168.1.10 to any -> (eth0)
|
||||
nat on eth1 proto {tcp udp icmp} from 192.168.1.10 to any -> (eth1)
|
||||
nat on eth2 proto {tcp udp icmp} from 192.168.1.10 to any -> (eth2)
|
||||
nat on eth3 proto {tcp udp icmp} from 192.168.1.10 to any -> (eth3)
|
||||
nat on eth0 from 192.168.1.10 to any -> (eth0)
|
||||
nat on eth1 from 192.168.1.10 to any -> (eth1)
|
||||
nat on eth2 from 192.168.1.10 to any -> (eth2)
|
||||
nat on eth3 from 192.168.1.10 to any -> (eth3)
|
||||
#
|
||||
# Rule 1 (NAT)
|
||||
nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth0)
|
||||
nat on eth1 proto {tcp udp icmp} from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth1)
|
||||
nat on eth2 proto {tcp udp icmp} from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth2)
|
||||
nat on eth3 proto {tcp udp icmp} from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth3)
|
||||
nat on eth0 from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth0)
|
||||
nat on eth1 from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth1)
|
||||
nat on eth2 from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth2)
|
||||
nat on eth3 from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth3)
|
||||
#
|
||||
# Rule 2 (NAT)
|
||||
rdr proto tcp from any to <tbl.r2> port 22 -> 192.168.1.10 port 22
|
||||
@ -39,7 +39,7 @@ rdr on eth3 proto tcp from 192.168.1.0/24 to 222.222.222.222 port 80 -> 192.168
|
||||
nat on eth0 proto tcp from 192.168.1.0/24 to 192.168.1.10 port 80 -> (eth0)
|
||||
#
|
||||
# Rule 4 (NAT)
|
||||
nat on eth3 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth3)
|
||||
nat on eth3 from 192.168.1.0/24 to any -> (eth3)
|
||||
#
|
||||
# Rule 5 (NAT)
|
||||
# eth1 is dynamic
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:36 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:19 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall4.fw pf.fw
|
||||
# files: firewall4.conf /etc/fw/pf.conf
|
||||
@ -77,7 +77,7 @@ configure_interfaces() {
|
||||
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:36 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:19 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -5,12 +5,12 @@
|
||||
# Rule 0 (NAT)
|
||||
# Translate source address
|
||||
# for outgoing connections
|
||||
nat on le1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (le1)
|
||||
nat on le1 from 192.168.1.0/24 to any -> (le1)
|
||||
#
|
||||
# Rule 1 (NAT)
|
||||
# Translate source address
|
||||
# for outgoing connections
|
||||
nat on le2 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (le2)
|
||||
nat on le2 from 192.168.1.0/24 to any -> (le2)
|
||||
|
||||
# Policy compiler errors and warnings:
|
||||
# firewall40-1:Policy:9: error: Only one router specified with load balancing for rule action Route: 'route_through'
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:37 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:19 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall40-1.fw /etc/firewall40-1.fw
|
||||
# files: firewall40-1.conf /etc/firewall40-1.conf
|
||||
@ -182,7 +182,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "lo0 127.0.0.1/0xff000000" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:37 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:19 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -5,12 +5,12 @@
|
||||
# Rule 0 (NAT)
|
||||
# Translate source address
|
||||
# for outgoing connections
|
||||
nat on le1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (le1)
|
||||
nat on le1 from 192.168.1.0/24 to any -> (le1)
|
||||
#
|
||||
# Rule 1 (NAT)
|
||||
# Translate source address
|
||||
# for outgoing connections
|
||||
nat on le2 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (le2)
|
||||
nat on le2 from 192.168.1.0/24 to any -> (le2)
|
||||
|
||||
#
|
||||
# Rule 0 (lo0)
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:36 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:19 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall40.fw /etc/firewall40.fw
|
||||
# files: firewall40.conf /etc/firewall40.conf
|
||||
@ -166,7 +166,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "lo0 127.0.0.1/0xff000000" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:36 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:19 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:37 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:19 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall41.fw /etc/firewall41.fw
|
||||
# files: firewall41.conf /etc/firewall41.conf
|
||||
@ -169,7 +169,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "eth1 2.2.2.2/0xffffff00" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:37 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:19 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:37 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:21 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall5.fw /etc/fw/firewall5.fw
|
||||
# files: firewall5.conf /etc/fw/firewall5.conf
|
||||
@ -77,7 +77,7 @@ configure_interfaces() {
|
||||
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:37 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:21 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:38 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:21 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall51.fw /etc/fw/firewall51.fw
|
||||
# files: firewall51.conf /etc/fw/firewall51.conf
|
||||
@ -80,7 +80,7 @@ configure_interfaces() {
|
||||
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:38 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:21 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:38 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:21 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall6.fw /etc/fw/firewall6.fw
|
||||
# files: firewall6.conf /etc/fw/firewall6.conf
|
||||
@ -73,7 +73,7 @@ configure_interfaces() {
|
||||
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:38 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:21 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:39 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:21 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall62.fw /etc/firewall62.fw
|
||||
# files: firewall62.conf /etc/firewall62.conf
|
||||
@ -191,7 +191,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "en1 222.222.222.222/0xffffff00" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:39 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:21 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:39 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:22 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall63.fw /etc/fw/firewall63.fw
|
||||
# files: firewall63.conf /etc/fw/firewall63.conf
|
||||
@ -77,7 +77,7 @@ configure_interfaces() {
|
||||
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:39 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:22 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:40 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:23 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall7.fw /etc/fw/firewall7.fw
|
||||
# files: firewall7.conf /etc/fw/firewall7.conf
|
||||
@ -73,7 +73,7 @@ configure_interfaces() {
|
||||
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:40 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:23 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:40 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:23 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall70.fw /etc/fw/firewall70.fw
|
||||
# files: firewall70.conf /etc/fw/firewall70.conf
|
||||
@ -82,7 +82,7 @@ configure_interfaces() {
|
||||
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:40 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:23 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -8,15 +8,15 @@ table <tbl.r4.d> { 33.33.33.33 , 33.33.33.34 }
|
||||
|
||||
#
|
||||
# Rule 0 (NAT)
|
||||
nat on eth1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth1)
|
||||
nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth0)
|
||||
nat on ppp0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (ppp0)
|
||||
nat on eth1 from 192.168.1.0/24 to any -> (eth1)
|
||||
nat on eth0 from 192.168.1.0/24 to any -> (eth0)
|
||||
nat on ppp0 from 192.168.1.0/24 to any -> (ppp0)
|
||||
#
|
||||
# Rule 1 (NAT)
|
||||
nat on eth1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth1)
|
||||
nat on eth1 from 192.168.1.0/24 to any -> (eth1)
|
||||
#
|
||||
# Rule 2 (NAT)
|
||||
nat on eth1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> 33.33.33.33
|
||||
nat on eth1 from 192.168.1.0/24 to any -> 33.33.33.33
|
||||
#
|
||||
# Rule 3 (NAT)
|
||||
rdr proto tcp from any to <tbl.r3> port 22 -> 192.168.1.100 port 22
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:41 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:23 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall8.fw /etc/firewall8.fw
|
||||
# files: firewall8.conf /etc/firewall8.conf
|
||||
@ -72,7 +72,7 @@ configure_interfaces() {
|
||||
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:41 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:23 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:41 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:25 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall80-4.5.fw /etc/firewall80-4.5.fw
|
||||
# files: firewall80-4.5.conf /etc/firewall80-4.5.conf
|
||||
@ -73,7 +73,7 @@ configure_interfaces() {
|
||||
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:41 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:25 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:41 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:24 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall80.fw /etc/firewall80.fw
|
||||
# files: firewall80.conf /etc/firewall80.conf
|
||||
@ -73,7 +73,7 @@ configure_interfaces() {
|
||||
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:41 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:24 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
|
||||
#
|
||||
# Rule 1 (NAT)
|
||||
nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth0)
|
||||
nat on eth0 from 192.168.1.0/24 to any -> (eth0)
|
||||
|
||||
#
|
||||
# Rule 0 (eth0)
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:42 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:25 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall9.fw /etc/fw/firewall9.fw
|
||||
# files: firewall9.conf /etc/fw/firewall9.conf
|
||||
@ -76,7 +76,7 @@ configure_interfaces() {
|
||||
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:42 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:25 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:42 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:25 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall91.fw /etc/fw/pf.fw
|
||||
# files: firewall91.conf /etc/fw/pf.conf
|
||||
@ -247,7 +247,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "vlan103 10.100.103.1/0xffffff00" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:42 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:25 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -11,7 +11,7 @@ match out all scrub (random-id min-ttl 1 max-mss 1460)
|
||||
# firewall92:NAT:2: error: No translation rules are not supported for PF 4.7, use negation to implement exclusions
|
||||
#
|
||||
# Rule 0 (NAT)
|
||||
match out on em0 proto {tcp udp icmp} from 10.1.1.0/24 to any nat-to (em0)
|
||||
match out on em0 from 10.1.1.0/24 to any nat-to (em0)
|
||||
#
|
||||
# Rule 1 (NAT)
|
||||
match in on em0 proto udp from ! 10.3.14.41 to 10.3.14.81 port 161 rdr-to 10.1.1.1 port 161
|
||||
@ -20,10 +20,10 @@ match in on em0 proto udp from ! 10.3.14.41 to 10.3.14.81 port 161 rdr-to 10.1.
|
||||
match in on em0 proto udp from any to 10.3.14.81 port 161 rdr-to 10.1.1.1 port 161
|
||||
#
|
||||
# Rule 4 (NAT)
|
||||
match out on em1 proto {tcp udp icmp} from 10.1.1.0/24 to any nat-to (em0)
|
||||
match out on em1 from 10.1.1.0/24 to any nat-to (em0)
|
||||
#
|
||||
# Rule 5 (NAT)
|
||||
match out on ! em0 proto {tcp udp icmp} from 10.1.1.0/24 to any nat-to 10.3.14.201
|
||||
match out on ! em0 from 10.1.1.0/24 to any nat-to 10.3.14.201
|
||||
|
||||
# Policy compiler errors and warnings:
|
||||
# firewall92:Policy:0: warning: Changing rule direction due to self reference
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:42 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:26 2011 PDT by vadim
|
||||
#
|
||||
# files: * firewall92.fw /etc/fw/pf.fw
|
||||
# files: firewall92.conf /etc/fw/path\ with\ space/pf.conf
|
||||
@ -166,7 +166,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "em1 10.1.1.81/0xffffff00" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:42 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:26 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@ -8,22 +8,22 @@ table <tbl.r2.s> { 172.24.0.1 , 172.24.0.2 }
|
||||
|
||||
#
|
||||
# Rule 0 (NAT)
|
||||
nat on en0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (carp0)
|
||||
nat on en0 from 192.168.1.0/24 to any -> (carp0)
|
||||
#
|
||||
# Rule 1 (NAT)
|
||||
nat on en0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> 172.24.0.1
|
||||
nat on en0 from 192.168.1.0/24 to any -> 172.24.0.1
|
||||
#
|
||||
# Rule 2 (NAT)
|
||||
nat proto {tcp udp icmp} from 192.168.1.0/24 to any -> 172.24.0.1
|
||||
nat from 192.168.1.0/24 to any -> 172.24.0.1
|
||||
#
|
||||
# Rule 3 (NAT)
|
||||
nat on en0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> { (en0) , (en0) }
|
||||
nat on en0 from 192.168.1.0/24 to any -> { (en0) , (en0) }
|
||||
#
|
||||
# Rule 4 (NAT)
|
||||
nat on en0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (en0)
|
||||
nat on en0 from 192.168.1.0/24 to any -> (en0)
|
||||
#
|
||||
# Rule 5 (NAT)
|
||||
nat proto {tcp udp icmp} from 192.168.1.0/24 to any -> (en0)
|
||||
nat from 192.168.1.0/24 to any -> (en0)
|
||||
#
|
||||
# Rule 6 (NAT)
|
||||
rdr on en0 proto tcp from any to 172.24.0.1 port 80 -> 172.24.0.100 port 80
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:44 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:27 2011 PDT by vadim
|
||||
#
|
||||
# files: * pf_cluster_1_openbsd-1.fw /etc/pf_cluster_1_openbsd-1.fw
|
||||
# files: pf_cluster_1_openbsd-1.conf /etc/pf_cluster_1_openbsd-1.conf
|
||||
@ -299,7 +299,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:44 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:27 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -8,22 +8,22 @@ table <tbl.r2.s> { 172.24.0.1 , 172.24.0.3 }
|
||||
|
||||
#
|
||||
# Rule 0 (NAT)
|
||||
nat on en0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (carp0)
|
||||
nat on en0 from 192.168.1.0/24 to any -> (carp0)
|
||||
#
|
||||
# Rule 1 (NAT)
|
||||
nat on en0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> 172.24.0.1
|
||||
nat on en0 from 192.168.1.0/24 to any -> 172.24.0.1
|
||||
#
|
||||
# Rule 2 (NAT)
|
||||
nat proto {tcp udp icmp} from 192.168.1.0/24 to any -> 172.24.0.1
|
||||
nat from 192.168.1.0/24 to any -> 172.24.0.1
|
||||
#
|
||||
# Rule 3 (NAT)
|
||||
nat on en0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> { (en0) , (en0) }
|
||||
nat on en0 from 192.168.1.0/24 to any -> { (en0) , (en0) }
|
||||
#
|
||||
# Rule 4 (NAT)
|
||||
nat proto {tcp udp icmp} from 192.168.1.0/24 to any -> (en0)
|
||||
nat from 192.168.1.0/24 to any -> (en0)
|
||||
#
|
||||
# Rule 5 (NAT)
|
||||
nat on en0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (en0)
|
||||
nat on en0 from 192.168.1.0/24 to any -> (en0)
|
||||
#
|
||||
# Rule 6 (NAT)
|
||||
rdr on en0 proto tcp from any to 172.24.0.1 port 80 -> 172.24.0.100 port 80
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:44 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:27 2011 PDT by vadim
|
||||
#
|
||||
# files: * pf_cluster_1_openbsd-2.fw /etc/pf_cluster_1_openbsd-2.fw
|
||||
# files: pf_cluster_1_openbsd-2.conf /etc/pf_cluster_1_openbsd-2.conf
|
||||
@ -195,7 +195,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:44 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:27 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:44 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:27 2011 PDT by vadim
|
||||
#
|
||||
# files: * pf_cluster_2_freebsd-1.fw /etc/pf_cluster_2_freebsd-1.fw
|
||||
# files: pf_cluster_2_freebsd-1.conf /etc/pf_cluster_2_freebsd-1.conf
|
||||
@ -301,7 +301,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:44 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:27 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:44 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:27 2011 PDT by vadim
|
||||
#
|
||||
# files: * pf_cluster_2_freebsd-2.fw /etc/pf_cluster_2_freebsd-2.fw
|
||||
# files: pf_cluster_2_freebsd-2.conf /etc/pf_cluster_2_freebsd-2.conf
|
||||
@ -197,7 +197,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:44 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:27 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:44 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:27 2011 PDT by vadim
|
||||
#
|
||||
# files: * pf_cluster_3_openbsd-3.fw /etc/pf_cluster_3_openbsd-3.fw
|
||||
# files: pf_cluster_3_openbsd-3.conf /etc/pf_cluster_3_openbsd-3.conf
|
||||
@ -302,7 +302,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "carp2 172.20.0.1/0xffffff00" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:44 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:27 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:44 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:27 2011 PDT by vadim
|
||||
#
|
||||
# files: * pf_cluster_3_openbsd-4.fw /etc/pf_cluster_3_openbsd-4.fw
|
||||
# files: pf_cluster_3_openbsd-4.conf /etc/pf_cluster_3_openbsd-4.conf
|
||||
@ -199,7 +199,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "carp2 172.20.0.1/0xffffff00" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:44 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:27 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -1,9 +1,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Sun Jun 5 20:10:47 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:27 2011 PDT by vadim
|
||||
#
|
||||
# files: * pf_cluster_4_rc.conf.local /etc/pf_cluster_4_rc.conf.local
|
||||
# files: pf_cluster_4_pf.conf /etc/pf_cluster_4_pf.conf
|
||||
|
||||
@ -5,7 +5,7 @@
|
||||
# Rule 0 (NAT)
|
||||
# rule is attached to physical interface en0
|
||||
# but uses address of carp0 for translation
|
||||
nat on en0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (carp0)
|
||||
nat on en0 from 192.168.1.0/24 to any -> (carp0)
|
||||
|
||||
#
|
||||
# Rule -3 CARP (automatic)
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:45 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:27 2011 PDT by vadim
|
||||
#
|
||||
# files: * pf_cluster_5_openbsd-3.fw /etc/pf_cluster_5_openbsd-3.fw
|
||||
# files: pf_cluster_5_openbsd-3.conf /etc/pf_cluster_5_openbsd-3.conf
|
||||
@ -302,7 +302,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "carp2 172.20.0.1/0xffffff00" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:45 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:27 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
@ -5,7 +5,7 @@
|
||||
# Rule 0 (NAT)
|
||||
# rule is attached to physical interface en0
|
||||
# but uses address of carp0 for translation
|
||||
nat on en0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (carp0)
|
||||
nat on en0 from 192.168.1.0/24 to any -> (carp0)
|
||||
|
||||
#
|
||||
# Rule -3 CARP (automatic)
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
#
|
||||
# This is automatically generated file. DO NOT MODIFY !
|
||||
#
|
||||
# Firewall Builder fwb_pf v5.0.0.3547
|
||||
# Firewall Builder fwb_pf v5.0.0.3551
|
||||
#
|
||||
# Generated Fri Jun 3 18:57:45 2011 PDT by vadim
|
||||
# Generated Wed Jun 22 10:50:27 2011 PDT by vadim
|
||||
#
|
||||
# files: * pf_cluster_5_openbsd-4.fw /etc/pf_cluster_5_openbsd-4.fw
|
||||
# files: pf_cluster_5_openbsd-4.conf /etc/pf_cluster_5_openbsd-4.conf
|
||||
@ -199,7 +199,7 @@ configure_interfaces() {
|
||||
update_addresses_of_interface "carp2 172.20.0.1/0xffffff00" ""
|
||||
}
|
||||
|
||||
log "Activating firewall script generated Fri Jun 3 18:57:45 2011 by vadim"
|
||||
log "Activating firewall script generated Wed Jun 22 10:50:27 2011 by vadim"
|
||||
|
||||
set_kernel_vars
|
||||
configure_interfaces
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user