
RE: Tircproxy problems on OpenBSD 2.7



Here are the contents of my /etc/ipf.rules

I commented out the first rule a couple of times while testing the proxy,
but it didn't matter; packets for identd were still blocked.

#pass in log quick on tun0 proto tcp from any to any port = 113 keep state

#spoofing protection
block in quick on tun0 from 127.0.0.0/8 to any
block in quick on tun0 from 192.168.0.0/16 to any
block in quick on tun0 from 172.16.0.0/12 to any
block in quick on tun0 from 10.0.0.0/8 to any
block out quick on tun0 from any to 127.0.0.1/8
block out quick on tun0 from any to 192.168.0.0/16
block out quick on tun0 from any to 172.16.0.0/12
block out quick on tun0 from any to 10.0.0.0/8
block out quick on tun0 from any to 10.0.0.0/8
block in log quick on tun0 from any to 192.168.0.0/16
block in log quick on tun0 from any to 192.168.255.255/16

#ssh connections allowed only from internal network
block in log quick on tun0 proto tcp/udp from any to any port = 22
pass in quick on ep1 from 192.168.1.2 to any port = 22

#default deny policy
block in log quick on tun0 from any to any

#let out-going traffic out
pass out quick on tun0 proto tcp/udp from any to any keep state






