Партнёры:
Хостинг:
ipfw - IP packet filter and traffic accounting
options IPFIREWALL
Other kernel options related to
which may also be useful are:
options IPFIREWALL_DEFAULT_TO_ACCEPT options IPFIREWALL_FORWARD options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT=100
To load
as a module at boot time, add the following line into the
loader.conf5
file:
ipfw_load="YES"
The default behavior of is to block all incoming and outgoing traffic. This behavior can be modified, to allow all traffic through the firewall by default, by enabling the IPFIREWALL_DEFAULT_TO_ACCEPT kernel option. This option may be useful when configuring for the first time. If the default behavior is to allow everything, it is easier to cope with firewall-tuning mistakes which may accidentally block all traffic.
To enable logging of packets passing through , enable the IPFIREWALL_VERBOSE kernel option. The IPFIREWALL_VERBOSE_LIMIT option will prevent syslogd(8) from flooding system logs or causing local Denial of Service. This option may be set to the number of packets which will be logged on a per-entry basis before the entry is rate-limited.
Policy routing and transparent forwarding features of can be enabled by IPFIREWALL_FORWARD kernel option.
The user interface for is implemented by the ipfw(8) utility, so please refer to the ipfw(8) manpage for a complete description of the capabilities and how to use it.
|
Закладки на сайте Проследить за страницей |
Created 1996-2024 by Maxim Chirkov Добавить, Поддержать, Вебмастеру |