IT/Security

ipfw 방화벽 설정

Hotman 2018. 5. 7. 19:05

# vi /etc/rc.conf

firewall_enable="YES"

firewall_logging="YES"

firewall_type="/etc/firewall.conf"


# vi /etc/sysctl.conf

net.inet.ip.fw.verbose=1

net.inet.ip.fw.verbose_limit=5


# vi /etc/firewall.conf

--------------------------------------------------------------

# HTTP ACL

add 03100 allow ip from 192.168.0.100 to any 80 keep-state

add 03101 allow ip from 192.168.0.200 to any 80 keep-state


# FTP ACL

add 03110 allow ip from 192.168.0.100 to any 1021 keep-state

add 03111 allow ip from 192.168.0.200 to any 1021 keep-state


# SSH ACL

add 03150 allow ip from 192.168.0.100 to any 2222 keep-state

add 03151 allow ip from 192.168.0.200 to any 2222 keep-state


# All Deny

add 04000 deny all from any to any

--------------------------------------------------------------


# service ipfw start

# ipfw show


저작자표시 (새창열림)