ipfw
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revision | |||
| ipfw [2019/02/04 16:38] – francesco | ipfw [2019/02/04 16:43] (current) – francesco | ||
|---|---|---|---|
| Line 4: | Line 4: | ||
| e naturalmente la pagina del manuale e quella dell' | e naturalmente la pagina del manuale e quella dell' | ||
| - | ---- | ||
| - | < | ||
| - | root@NUC:~ # cat / | ||
| - | IPF=" | ||
| - | ipfw -q -f flush | ||
| - | #loopback | ||
| - | $IPF 10 allow all from any to any via lo0 | ||
| - | $IPF 20 deny all from any to 127.0.0.0/8 | ||
| - | $IPF 30 deny all from 127.0.0.0/8 to any | ||
| - | $IPF 40 deny tcp from any to any frag | ||
| - | # statefull | ||
| - | $IPF 50 check-state | ||
| - | $IPF 60 allow tcp from any to any established | ||
| - | $IPF 70 allow all from any to any out keep-state | ||
| - | $IPF 80 allow icmp from any to any | ||
| - | |||
| - | ########################### | ||
| - | ### open port ssh (33) ### | ||
| - | ########################### | ||
| - | |||
| - | $IPF 165 allow tcp from any to any 33 in | ||
| - | $IPF 166 allow tcp from any to any 33 out | ||
| - | |||
| - | #################### | ||
| - | ### Transmission ### | ||
| - | #################### | ||
| - | |||
| - | $IPF 250 allow all from any to any 51413 in | ||
| - | $IPF 251 allow all from any to any 51413 out | ||
| - | |||
| - | # Port web di Transmission per i PC nella LAN di casa | ||
| - | $IPF 300 allow all from 192.168.0.0/ | ||
| - | $IPF 301 allow all from 192.168.0.0/ | ||
| - | |||
| - | # Quello che segue mi sembra essere il nuovo (giugno 2016) IP fisso dell' | ||
| - | $IPF 320 allow tcp from 194.206.179.1 to any 9091 in | ||
| - | $IPF 321 allow tcp from 194.206.179.1 to any 9091 out | ||
| - | |||
| - | # Quello che segue mi sembra essere l'IP di Cuneo | ||
| - | $IPF 330 allow tcp from 151.32.69.218 to any 9091 in | ||
| - | $IPF 331 allow tcp from 151.32.69.218 to any 9091 out | ||
| - | |||
| - | ########### | ||
| - | ### WEB ### | ||
| - | ########### | ||
| - | |||
| - | $IPF 400 allow tcp from any to any 80 in | ||
| - | $IPF 410 allow tcp from any to any 80 out | ||
| - | |||
| - | ############# | ||
| - | ### Samba ### | ||
| - | ############# | ||
| - | |||
| - | $IPF 465 allow all from any to any 81 in | ||
| - | $IPF 466 allow all from any to any 81 out | ||
| - | |||
| - | $IPF 470 allow all from any to any 137 in | ||
| - | $IPF 471 allow all from any to any 137 out | ||
| - | |||
| - | $IPF 472 allow all from any to any 138 in | ||
| - | $IPF 473 allow all from any to any 138 out | ||
| - | |||
| - | $IPF 474 allow all from any to any 139 in | ||
| - | $IPF 475 allow all from any to any 139 out | ||
| - | |||
| - | $IPF 476 allow all from any to any 445 in | ||
| - | $IPF 477 allow all from any to any 445 out | ||
| - | |||
| - | #################### | ||
| - | ### Resilio Sync ### | ||
| - | #################### | ||
| - | |||
| - | # Port web di Syn per la LAN di casa | ||
| - | |||
| - | $IPF 480 allow all from 192.168.0.0/ | ||
| - | $IPF 481 allow all from 192.168.0.0/ | ||
| - | |||
| - | # Dall' | ||
| - | |||
| - | $IPF 485 allow all from 81.80.151.159 to any 8888 in | ||
| - | $IPF 486 allow all from 81.80.151.159 to any 8888 out | ||
| - | |||
| - | # Apro il port di ascolto di Resilio Sync | ||
| - | $IPF 490 allow all from any to any 27698 in | ||
| - | $IPF 491 allow all from any to any 27698 out | ||
| - | |||
| - | # Questo serve per scoprire dei peer sulla LAN | ||
| - | $IPF 495 allow udp from any to any 3838 in | ||
| - | $IPF 496 allow udp from any to any 3838 out | ||
| - | |||
| - | # deny and log everything | ||
| - | $IPF 500 deny log all from any to any | ||
| - | </ | ||
| - | ---- | ||
| - | < | ||
| - | root@ks3367031: | ||
| - | IPF=" | ||
| - | ipfw -q -f flush | ||
| - | #loopback | ||
| - | $IPF 10 allow all from any to any via lo0 | ||
| - | $IPF 20 deny all from any to 127.0.0.0/8 | ||
| - | $IPF 30 deny all from 127.0.0.0/8 to any | ||
| - | $IPF 40 deny tcp from any to any frag | ||
| - | # statefull | ||
| - | $IPF 50 check-state | ||
| - | $IPF 60 allow tcp from any to any established | ||
| - | $IPF 70 allow all from any to any out keep-state | ||
| - | $IPF 80 allow icmp from any to any | ||
| - | # open port ftp (20,21), ssh (22), mail (25) | ||
| - | # http (80), dns (53) etc | ||
| - | $IPF 110 allow tcp from any to any 21 in | ||
| - | $IPF 120 allow tcp from any to any 21 out | ||
| - | $IPF 165 allow tcp from any to any 33 in | ||
| - | $IPF 166 allow tcp from any to any 33 out | ||
| - | $IPF 200 allow tcp from any to any 80 in | ||
| - | $IPF 210 allow tcp from any to any 80 out | ||
| - | # Apro il port di ascolto di BitTorrent Sync | ||
| - | $IPF 250 allow udp from any to any 63049 in | ||
| - | # Questo e l' | ||
| - | $IPF 300 allow tcp from 88.191.55.99 to any 8888 in | ||
| - | $IPF 310 allow tcp from 88.191.55.99 to any 8888 out | ||
| - | # Quello che segue mi sembra essere l'IP fisso dell' | ||
| - | $IPF 320 allow tcp from 194.206.179.1 to any 8888 in | ||
| - | $IPF 321 allow tcp from 194.206.179.1 to any 8888 out | ||
| - | # Quello che segue mi sembra essere l'IP di Cuneo | ||
| - | $IPF 330 allow tcp from 151.33.112.205 to any 8888 in | ||
| - | $IPF 331 allow tcp from 151.33.112.205 to any 8888 out | ||
| - | $IPF 400 allow tcp from any to any 63049 in | ||
| - | $IPF 410 allow udp from any to any 63049 in | ||
| - | # deny and log everything | ||
| - | $IPF 500 deny log all from any to any | ||
| - | </ | ||
| - | |||
ipfw.1549294683.txt.gz · Last modified: 2019/02/04 16:38 by francesco