| version 1.4, 2006/06/16 17:26:59 |
version 1.5, 2006/10/07 04:48:01 |
|
|
| # filter rules |
# filter rules |
| block in |
block in |
| |
|
| pass out keep state |
pass out |
| |
|
| anchor "ftp-proxy/*" |
anchor "ftp-proxy/*" |
| antispoof quick for { lo $int_if } |
antispoof quick for { lo $int_if } |
| |
|
| pass in on $ext_if inet proto tcp from any to ($ext_if) \ |
pass in on $ext_if inet proto tcp from any to ($ext_if) port $tcp_services |
| port $tcp_services flags S/SA keep state |
|
| |
|
| pass in on $ext_if inet proto tcp from any to $comp3 port 80 \ |
pass in on $ext_if inet proto tcp from any to $comp3 port 80 \ |
| flags S/SA synproxy state |
synproxy state |
| |
|
| pass in inet proto icmp all icmp-type $icmp_types keep state |
pass in inet proto icmp all icmp-type $icmp_types |
| |
|
| pass quick on $int_if |
pass quick on $int_if no state |
![[BACK]](/icons/back.gif){kind=icon}
Return to faq-example1 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / share / pf