mirror of
https://github.com/freebsd/freebsd-src.git
synced 2024-12-05 03:39:02 +00:00
Correct filter syntax.
This commit is contained in:
parent
eaa4df37f4
commit
fd33683210
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/cvs2svn/branches/MP/; revision=34637
@ -4,7 +4,7 @@
|
||||
#
|
||||
# Originally written by Toshiharu OHNO
|
||||
#
|
||||
# $Id: ppp.conf.sample,v 1.27 1997/12/30 23:34:35 brian Exp $
|
||||
# $Id: ppp.conf.sample,v 1.28 1997/12/31 03:58:45 brian Exp $
|
||||
#
|
||||
#################################################################
|
||||
|
||||
@ -188,15 +188,15 @@ dodgy:
|
||||
#
|
||||
# If we don't want ICMP and DNS packets to keep the connection alive:
|
||||
#
|
||||
set afilter 0 deny icmp
|
||||
set afilter 1 deny udp src eq 53
|
||||
set afilter 2 deny udp dst eq 53
|
||||
set afilter 3 permit 0/0 0/0
|
||||
set filter alive 0 deny icmp
|
||||
set filter alive 1 deny udp src eq 53
|
||||
set filter alive 2 deny udp dst eq 53
|
||||
set filter alive 3 permit 0/0 0/0
|
||||
#
|
||||
# And we don't want ICMPs to cause a dialup:
|
||||
#
|
||||
set dfilter 0 deny icmp
|
||||
set dfilter 1 permit 0/0 0/0
|
||||
set filter dial 0 deny icmp
|
||||
set filter dial 1 permit 0/0 0/0
|
||||
#
|
||||
# Once the line's up, allow connections for ident (113), telnet (23),
|
||||
# ftp (20 & 21), DNS (53), my place of work (192.244.191.0/24),
|
||||
@ -204,22 +204,22 @@ dodgy:
|
||||
#
|
||||
# Anything else is blocked by default
|
||||
#
|
||||
set ifilter 0 permit tcp dst eq 113
|
||||
set ofilter 0 permit tcp src eq 113
|
||||
set ifilter 1 permit tcp src eq 23 estab
|
||||
set ofilter 1 permit tcp dst eq 23
|
||||
set ifilter 2 permit tcp src eq 21 estab
|
||||
set ofilter 2 permit tcp dst eq 21
|
||||
set ifilter 3 permit tcp src eq 20 dst gt 1023
|
||||
set ofilter 3 permit tcp dst eq 20
|
||||
set ifilter 4 permit udp src eq 53
|
||||
set ofilter 4 permit udp dst eq 53
|
||||
set ifilter 5 permit 192.244.191.0/24 0/0
|
||||
set ofilter 5 permit 0/0 192.244.191.0/24
|
||||
set ifilter 6 permit icmp
|
||||
set ofilter 6 permit icmp
|
||||
set ifilter 7 permit udp dst gt 33433
|
||||
set ofilter 7 permit udp dst gt 33433
|
||||
set filter in 0 permit tcp dst eq 113
|
||||
set filter out 0 permit tcp src eq 113
|
||||
set filter in 1 permit tcp src eq 23 estab
|
||||
set filter out 1 permit tcp dst eq 23
|
||||
set filter in 2 permit tcp src eq 21 estab
|
||||
set filter out 2 permit tcp dst eq 21
|
||||
set filter in 3 permit tcp src eq 20 dst gt 1023
|
||||
set filter out 3 permit tcp dst eq 20
|
||||
set filter in 4 permit udp src eq 53
|
||||
set filter out 4 permit udp dst eq 53
|
||||
set filter in 5 permit 192.244.191.0/24 0/0
|
||||
set filter out 5 permit 0/0 192.244.191.0/24
|
||||
set filter in 6 permit icmp
|
||||
set filter out 6 permit icmp
|
||||
set filter in 7 permit udp dst gt 33433
|
||||
set filter out 7 permit udp dst gt 33433
|
||||
|
||||
|
||||
# Server side PPP
|
||||
|
Loading…
Reference in New Issue
Block a user