![]() Please re-evaluate why you need keep-state. There's usually little need for keep-state on incoming traffic to services as you already know you want to allow traffic for them. $IPF 34 allow all from mywebserverip to me Ipfw add 426 allow udp from any to me 3306 in via em0 setup limit src-addr 50 Ipfw add 425 allow udp from any to me 11005 in via em0 setup limit src-addr 50 Ipfw add 424 allow udp from any to me 18000 in via em0 setup limit src-addr 80 Ipfw add 423 allow udp from any to me 21000 in via em0 setup limit src-addr 80 Ipfw add 422 allow udp from any to me 16000 in via em0 setup limit src-addr 80 Ipfw add 421 allow udp from any to me 13001 in via em0 setup limit src-addr 80 Ipfw add 420 allow udp from any to me 13000 in via em0 setup limit src-addr 80 Ipfw add 419 allow udp from any to me 22 in via em0 setup limit src-addr 80 Ipfw add 416 allow tcp from any to me 3306 in via em0 setup limit src-addr 10 Ipfw add 415 allow tcp from any to me 11005 in via em0 setup limit src-addr 5 Ipfw add 414 allow tcp from any to me 18000 in via em0 setup limit src-addr 10 Ipfw add 413 allow tcp from any to me 21000 in via em0 setup limit src-addr 10 Ipfw add 412 allow tcp from any to me 16000 in via em0 setup limit src-addr 10 Ipfw add 411 allow tcp from any to me 13001 in via em0 setup limit src-addr 10 Ipfw add 410 allow tcp from any to me 13000 in via em0 setup limit src-addr 10 Ipfw add 409 allow tcp from any to me 22 in via em0 setup limit src-addr 20 $IPF 33 allow udp from any to any 11005 keep-state $IPF 32 allow udp from any to any 3306 keep-state $IPF 31 allow udp from any to any 21000 keep-state $IPF 30 allow udp from any to any 18000 keep-state $IPF 29 allow udp from any to any 16000 keep-state $IPF 28 allow udp from any to any 13001 keep-state $IPF 27 allow udp from any to any 13000 keep-state ![]() $IPF 26 allow udp from any to any 22 keep-state $IPF 25 allow tcp from any to any 11005 setup keep-state $IPF 24 allow tcp from any to any 3306 setup keep-state $IPF 23 allow tcp from any to any 21000 setup keep-state $IPF 22 allow tcp from any to any 18000 setup keep-state $IPF 21 allow tcp from any to any 16000 setup keep-state ![]() $IPF 20 allow tcp from any to any 13001 setup keep-state $IPF 19 allow tcp from any to any 13000 setup keep-state $IPF 18 allow tcp from any to any 22 setup keep-state $IPF 16 allow all from any to any out keep-state $IPF 15 allow tcp from any to any established $IPF 10 allow all from any to any via lo0 ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |