Annotation of src/share/ipf/example.5, Revision 1.1
1.1 ! dm 1: #
! 2: # test ruleset
! 3: #
! 4: # allow packets coming from foo to bar through.
! 5: #
! 6: pass from foo to bar
! 7: #
! 8: # allow any TCP packets from the same subnet as foo is on through to host
! 9: # 10.1.1.2 if they are destined for port 6667.
! 10: #
! 11: pass proto tcp from fubar/24 to 10.1.1.2/32 port = 6667
! 12: #
! 13: # allow in UDP packets which are NOT from port 53 and are destined for
! 14: # localhost
! 15: #
! 16: pass proto udp from fubar port != 53 to localhost
! 17: #
! 18: # block all ICMP unreachables.
! 19: #
! 20: block from any to any icmp unreach
! 21: #
! 22: # allow packets through which have a non-standard IP header length (ie there
! 23: # are IP options such as source-routing present).
! 24: #
! 25: pass from any to any with ipopts
![[BACK]](/icons/back.gif){kind=icon}
Return to example.5 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / share / ipf