|
⇤ ← Revision 1 as of 2014-03-21 09:56:24
Size: 39
Comment:
|
Size: 3149
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 2: | Line 2: |
---- {{{ fw-bsd# pfctl -ss No ALTQ support in kernel ALTQ related functions disabled all tcp 10.0.2.15:22 <- 10.0.2.2:38548 ESTABLISHED:ESTABLISHED all tcp 10.0.2.15:22 <- 10.0.2.2:38559 ESTABLISHED:ESTABLISHED all tcp 10.30.50.1:18550 -> 10.30.50.3:22 ESTABLISHED:ESTABLISHED all tcp 10.30.50.3:80 (10.0.2.15:80) <- 10.0.2.2:35520 FIN_WAIT_2:FIN_WAIT_2 all tcp 10.0.2.2:35520 -> 10.30.50.3:80 FIN_WAIT_2:FIN_WAIT_2 all udp 10.30.50.1:53 <- 10.30.50.3:59363 SINGLE:MULTIPLE all udp 10.0.2.15:55546 -> 192.168.11.1:53 MULTIPLE:SINGLE all icmp 144.76.222.201:3782 <- 10.30.50.3:3782 0:0 all icmp 10.0.2.15:25608 (10.30.50.3:3782) -> 144.76.222.201:25608 0:0 all udp 10.30.50.1:53 <- 10.30.50.3:44181 SINGLE:MULTIPLE all udp 10.0.2.15:15999 -> 192.168.11.1:53 MULTIPLE:SINGLE }}} {{{ fw-bsd# pfctl -vsA No ALTQ support in kernel ALTQ related functions disabled ftp-proxy ftp-proxy/1022.1 fw-bsd# pfctl -va ftp-proxy/1022.1 -sa No ALTQ support in kernel ALTQ related functions disabled TRANSLATION RULES: nat inet proto tcp from 10.30.50.3 to 193.162.146.4 port = 64093 rtable 0 -> 10.0.2.15 [ Evaluations: 2 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 62 pid 1022 State Creations: 0 ] rdr inet proto tcp from 10.30.50.3 to 193.162.146.4 port = 64038 rtable 0 -> 193.162.146.4 port 64093 [ Evaluations: 4 Packets: 8 Bytes: 495 States: 0 ] [ Inserted: uid 62 pid 1022 State Creations: 1 ] FILTER RULES: pass in quick inet proto tcp from 10.30.50.3 to 193.162.146.4 port = 64093 flags S/SA keep state (max 1) rtable 0 [ Evaluations: 7 Packets: 8 Bytes: 495 States: 0 ] [ Inserted: uid 62 pid 1022 State Creations: 1 ] pass out quick inet proto tcp from 10.0.2.15 to 193.162.146.4 port = 64093 flags S/SA keep state (max 1) rtable 0 [ Evaluations: 3 Packets: 8 Bytes: 495 States: 0 ] [ Inserted: uid 62 pid 1022 State Creations: 1 ] STATES: all tcp 10.0.2.15:22 <- 10.0.2.2:38606 ESTABLISHED:ESTABLISHED [3755536990 + 65535] [1309337055 + 65535] age 00:08:48, expires in 24:00:00, 1180:736 pkts, 72257:191011 bytes, rule 11 all tcp 10.0.2.15:22 <- 10.0.2.2:38624 ESTABLISHED:ESTABLISHED [711515386 + 65535] [1320134591 + 65535] age 00:07:10, expires in 23:56:58, 138:83 pkts, 12113:12587 bytes, rule 11 all tcp 127.0.0.1:8021 (193.162.146.4:21) <- 10.30.50.3:39696 ESTABLISHED:ESTABLISHED [666381855 + 14624] wscale 6 [2483861655 + 65664] wscale 5 age 00:04:48, expires in 23:56:58, 14:8 pkts, 610:662 bytes all tcp 10.0.2.15:26078 -> 193.162.146.4:21 ESTABLISHED:ESTABLISHED [4051480635 + 65535] [1335296332 + 65535] age 00:04:48, expires in 23:56:58, 11:13 pkts, 498:854 bytes, rule 1 }}} сокращения: http://www.openbsd.org/faq/pf/ru/shortcuts.html pass out = pass out all flags S/SA keep state http://www.openbsd.org/faq/pf/ru/index.html pfsync |
Особенности FreeBSD PF
fw-bsd# pfctl -ss No ALTQ support in kernel ALTQ related functions disabled all tcp 10.0.2.15:22 <- 10.0.2.2:38548 ESTABLISHED:ESTABLISHED all tcp 10.0.2.15:22 <- 10.0.2.2:38559 ESTABLISHED:ESTABLISHED all tcp 10.30.50.1:18550 -> 10.30.50.3:22 ESTABLISHED:ESTABLISHED all tcp 10.30.50.3:80 (10.0.2.15:80) <- 10.0.2.2:35520 FIN_WAIT_2:FIN_WAIT_2 all tcp 10.0.2.2:35520 -> 10.30.50.3:80 FIN_WAIT_2:FIN_WAIT_2 all udp 10.30.50.1:53 <- 10.30.50.3:59363 SINGLE:MULTIPLE all udp 10.0.2.15:55546 -> 192.168.11.1:53 MULTIPLE:SINGLE all icmp 144.76.222.201:3782 <- 10.30.50.3:3782 0:0 all icmp 10.0.2.15:25608 (10.30.50.3:3782) -> 144.76.222.201:25608 0:0 all udp 10.30.50.1:53 <- 10.30.50.3:44181 SINGLE:MULTIPLE all udp 10.0.2.15:15999 -> 192.168.11.1:53 MULTIPLE:SINGLE
fw-bsd# pfctl -vsA No ALTQ support in kernel ALTQ related functions disabled ftp-proxy ftp-proxy/1022.1 fw-bsd# pfctl -va ftp-proxy/1022.1 -sa No ALTQ support in kernel ALTQ related functions disabled TRANSLATION RULES: nat inet proto tcp from 10.30.50.3 to 193.162.146.4 port = 64093 rtable 0 -> 10.0.2.15 [ Evaluations: 2 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 62 pid 1022 State Creations: 0 ] rdr inet proto tcp from 10.30.50.3 to 193.162.146.4 port = 64038 rtable 0 -> 193.162.146.4 port 64093 [ Evaluations: 4 Packets: 8 Bytes: 495 States: 0 ] [ Inserted: uid 62 pid 1022 State Creations: 1 ] FILTER RULES: pass in quick inet proto tcp from 10.30.50.3 to 193.162.146.4 port = 64093 flags S/SA keep state (max 1) rtable 0 [ Evaluations: 7 Packets: 8 Bytes: 495 States: 0 ] [ Inserted: uid 62 pid 1022 State Creations: 1 ] pass out quick inet proto tcp from 10.0.2.15 to 193.162.146.4 port = 64093 flags S/SA keep state (max 1) rtable 0 [ Evaluations: 3 Packets: 8 Bytes: 495 States: 0 ] [ Inserted: uid 62 pid 1022 State Creations: 1 ] STATES: all tcp 10.0.2.15:22 <- 10.0.2.2:38606 ESTABLISHED:ESTABLISHED [3755536990 + 65535] [1309337055 + 65535] age 00:08:48, expires in 24:00:00, 1180:736 pkts, 72257:191011 bytes, rule 11 all tcp 10.0.2.15:22 <- 10.0.2.2:38624 ESTABLISHED:ESTABLISHED [711515386 + 65535] [1320134591 + 65535] age 00:07:10, expires in 23:56:58, 138:83 pkts, 12113:12587 bytes, rule 11 all tcp 127.0.0.1:8021 (193.162.146.4:21) <- 10.30.50.3:39696 ESTABLISHED:ESTABLISHED [666381855 + 14624] wscale 6 [2483861655 + 65664] wscale 5 age 00:04:48, expires in 23:56:58, 14:8 pkts, 610:662 bytes all tcp 10.0.2.15:26078 -> 193.162.146.4:21 ESTABLISHED:ESTABLISHED [4051480635 + 65535] [1335296332 + 65535] age 00:04:48, expires in 23:56:58, 11:13 pkts, 498:854 bytes, rule 1
сокращения: http://www.openbsd.org/faq/pf/ru/shortcuts.html
pass out = pass out all flags S/SA keep state
http://www.openbsd.org/faq/pf/ru/index.html
pfsync