[FUG-BR] FreeBSD router / Gateway
Alexandre Donisete
aledon at dep.ufscar.br
Mon Oct 3 15:04:07 BRT 2005
> >> /*server# ipfw show*/
> >> 00100 335 32750 allow ip from any to any
> >> 00200 0 0 divert 8668 ip from any to any via rl0
> >> 65535 0 0 deny ip from any to any
Hello!
Try replacing your rc.firewall with this:
#!/bin/sh
# Script variables
fwcmd="/sbin/ipfw -q" # IPFW command
ife="xl0" # Gateway external interface
ifi="fxp0" # Gateway internal interface
ipe="200.XXX.YYY.ZZZ" # External IP
neti="192.168.254.0/24" # Internal network
# Flush All
$fwcmd -f flush
# Router
# [100]
$fwcmd add 100 allow udp from any 520 to any 520 via any
# NATd
# [700]
$fwcmd add 705 divert 8668 all from $neti to any via $ife out
$fwcmd add 710 divert 8668 all from any to $ipe via $ife in
# DNS
# [1100]
$fwcmd add 1105 allow udp from any 53 to any 53
$fwcmd add 1110 allow udp from any 1023-65535 to any 53
$fwcmd add 1115 allow udp from any 53 to any 1023-65535
$fwcmd add 1120 allow udp from any 53 to any 137
$fwcmd add 1125 allow udp from any 137 to any 53
# Allow everything else, rate-limited
# [65001]
$fwcmd pipe 200 config bw 250Kbit/s queue 8KBytes
$fwcmd add 66000 pipe 200 all from any to any
$fwcmd add 66001 allow all from any to any
-- .-- -.----------- ..- ----.-----
Alexandre Donisete = www.aledon.org
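
Added example, not part of the original message: in the quoted `ipfw show` listing, rule 00100 allows every packet before the divert rule 00200 is reached, and 00200's counters are 0. The script below flags such shadowed rules; the helper names are hypothetical, the sample input is the quoted listing, and it assumes a linear ruleset without skipto jumps.

```shell
#!/bin/sh
# Added example (not from the original message): find ipfw rules that can
# never match because an earlier rule accepts or drops every packet.

# Constructed sample input: the `ipfw show` listing quoted in the message.
sample_rules() {
cat <<'EOF'
00100 335 32750 allow ip from any to any
00200 0 0 divert 8668 ip from any to any via rl0
65535 0 0 deny ip from any to any
EOF
}

# find_shadowed (hypothetical helper): reads `ipfw show` lines on stdin
# (rule number, packets, bytes, action, rule body) and prints one line
# per rule placed after an unconditional allow/deny.
find_shadowed() {
    awk '
    {
        num = $1; pkts = $2; action = $4; body = ""
        for (i = 5; i <= NF; i++) body = body (i > 5 ? " " : "") $i
        if (blocker != "") {
            printf "SHADOWED %s (%s) by %s hits=%s\n", num, action, blocker, pkts
            next
        }
        # ipfw stops at the first matching allow/deny; a rule with no
        # address, port or interface restriction therefore ends the list.
        if (action ~ /^(allow|accept|pass|permit|deny|drop)$/ &&
            body ~ /^(ip|all) from any to any$/)
            blocker = num
    }'
}

# count_dead_divert (hypothetical helper): number of divert (NAT) rules
# that are shadowed, i.e. natd never sees the traffic.
count_dead_divert() {
    find_shadowed | grep -c '(divert)' || true
}

# On a live gateway: ipfw show | find_shadowed
sample_rules | find_shadowed
```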