Differences

This shows you the differences between two versions of the page.

--- network:packet_filter:start [2013/03/15 14:16]
tschulz created
+++ network:packet_filter:start [2014/02/20 13:19] (current)
tschulz
@@ Line 1: / Line 1: @@
 ====== Packet Filter ======
-===== Load Balance =====
+  * [[network:packet_filter:Load Balance|Load Balance]]
-<file config pf.conf>
+  * [[network:packet_filter:Spamd|Spamd]]
-# --------------- file /etc/pf.conf --------------------
+  * [[network:packet_filter:filtering|Packet Filter: Filtering]]
-lan_net = "10.1.0.0/22"
+  * [[network:packet_filter:altq|Packet Filter: Altq]]
-int_if = "fxp0"
-ext_if1 = "xl0"
-ext_if2 = "xl1"
-ext_gw1 = "192.168.103.1"
-ext_gw2 = "192.168.104.1"
-virus_ports="{135,137,139,445,1080,1025,1026,1433,1434}"
-tcp_udp = "{tcp,udp}"
-#nat on $ext_if1 from $lan_net to any -> ($ext_if1)
-#nat on $ext_if2 from $lan_net to any -> ($ext_if2)
-#nat on $ext_if1 from $lan_net to any -> $ext_if1 static-port
-#nat on $ext_if2 from $lan_net to any -> $ext_if2 static-port
-#block virus port
-#block in quick proto $tcp_udp from any port $virus_ports to any
-#block out quick proto $tcp_udp from any to any port $virus_ports
-pass in on $int_if route-to { ($ext_if1 $ext_gw1),($ext_if2 $ext_gw2) } round-robin \
-proto tcp from $lan_net to any flags S/SA modulate state
-pass in on $int_if route-to { ($ext_if1 $ext_gw1),($ext_if2 $ext_gw2) } round-robin \
-proto {udp,icmp} from $lan_net to any keep state
-pass out on $ext_if1 route-to ($ext_if2 $ext_gw2) proto tcp from ($ext_if2) to any
-pass out on $ext_if2 route-to ($ext_if1 $ext_gw1) proto tcp  from ($ext_if1) to any
-</file>

ISD 820 Knowledge Base

User Tools

Site Tools

Differences

Page Tools