24 Explanation (filtering rules for a kernel-based packet screen)


This article is from the Firewalls FAQ, by Matt Curtin cmcurtin@interhack.net and Marcus J. Ranum mjr@nfr.com with numerous contributions by others.


* Line one flushes (-f) all forwarding (-F) rules.
* Line two sets the default policy (-p) to deny.
* Lines three through five are input rules (-i) in the following format:

  ipfwadm -F (forward) -i (input) m (masq.) -b (bi-directional)
    -P (protocol) [protocol] -S (source) [subnet/mask] [originating ports]
    -D (destination) [subnet/mask] [port]
* Line six appends (-a) a rule that permits all internal IP addresses out
to all external addresses on all protocols, all ports.
* Line eight adds a route so that traffic going to 201.123.102.33 will be
directed to the internal address 192.168.1.2.
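
To make the rule format concrete, the following Python example (added here, not part of the FAQ) parses rule lines written in that format and evaluates packets against them, including the effect of -b and of the default deny policy. It is a simplified model: the rule lines, the 192.168.1.0/24 internal network, the port numbers and the first-match evaluation are assumptions made for illustration.

```python
import ipaddress, shlex

# Constructed sample; only 201.123.102.33 comes from the text above.
RULES = [
    "ipfwadm -F -f",
    "ipfwadm -F -p deny",
    "ipfwadm -F -i m -b -P tcp -S 0.0.0.0/0 1024:65535 -D 201.123.102.33 25",
    "ipfwadm -F -a m -S 192.168.1.0/24 -D 0.0.0.0/0",
]
ANY_PORT = "0:65535"

def parse(lines):
    """Return (default_policy, rules) from 'ipfwadm -F ...' lines."""
    policy, rules = None, []
    for line in lines:
        t = shlex.split(line)[2:]              # drop 'ipfwadm -F'
        if t[0] == "-f":                       # flush: forget earlier rules
            rules = []
        elif t[0] == "-p":                     # default policy
            policy = t[1]
        elif t[0] in ("-i", "-a"):             # rule; -i/-a ordering is not modelled
            r = {"action": t[1], "bidir": "-b" in t, "proto": "all",
                 "src": ("0.0.0.0/0", ANY_PORT), "dst": ("0.0.0.0/0", ANY_PORT)}
            for i, tok in enumerate(t):
                nxt = t[i + 2] if i + 2 < len(t) else "-"
                if tok == "-P":
                    r["proto"] = t[i + 1]
                elif tok in ("-S", "-D"):      # address, then optional port or lo:hi
                    ports = ANY_PORT if nxt.startswith("-") else nxt
                    r["src" if tok == "-S" else "dst"] = (t[i + 1], ports)
            rules.append(r)
    return policy, rules

def _side(spec, ip, port):
    net, ports = spec
    lo, _, hi = ports.partition(":")
    return (ipaddress.ip_address(ip) in ipaddress.ip_network(net, strict=False)
            and int(lo) <= port <= int(hi or lo))

def verdict(policy, rules, proto, sip, sport, dip, dport):
    """Assumed model: first matching rule wins, else the default policy."""
    for r in rules:
        if r["proto"] not in ("all", proto):
            continue
        fwd = _side(r["src"], sip, sport) and _side(r["dst"], dip, dport)
        rev = r["bidir"] and _side(r["src"], dip, dport) and _side(r["dst"], sip, sport)
        if fwd or rev:
            return r["action"]                 # "m" = forward with masquerading
    return policy
```

Calling `verdict(*parse(RULES), "tcp", "198.51.100.7", 40000, "201.123.102.33", 23)` returns the default policy, because no rule names port 23.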

 
