FreeBSD配置IPFW防火牆

本文轉載自查看原文 2020-03-03 18:04 748 Unix OS

硬件平台：工控J1900四口小盒子系統：freebsd12.0

網卡em0 外網接口

網卡em1 內網接口

步驟：

step1:配置網卡接口地址和默認路由

root@TOR:~ # vi /etc/rc.conf

ifconfig_em0="inet 192.168.1.10 netmask 255.255.255.0"

ifconfig_em1="inet 10.133.1.254 netmask 255.255.255.0"

defaultrouter="192.168.1.1"

step2:開啟IPFW和NAT功能

root@TOR:~ # vi /etc/rc.conf

firewall_enable="YES"

firewall_script="/etc/ipfw.conf"

natd_enable="YES"

gateway_enable="YES"

natd_interface="em0"

配置完成后保存，重啟系統

step3:配置訪問策略

root@TOR:~ # vi /etc/ipfw.conf

ipfw add allow tcp from 192.168.1.0/24 to me 22 in
ipfw add allow tcp from me 22 to any out
ipfw add allow icmp from any to any icmptypes 8 out
ipfw add allow icmp from any to any icmptypes 0 in
ipfw add divert natd all from any to any via em0
ipfw add pass all from any to any
ipfw add allow udp from me to any 53 out
ipfw add allow udp from any 53 to me in
ipfw add allow icmp from any to any icmptypes 11 in
ipfw add check-state
ipfw add deny tcp from any to any in established
ipfw add allow tcp from any to any out setup keep-state

免責聲明！

本站轉載的文章為個人學習借鑒使用，本站對版權不負任何法律責任。如果侵犯了您的隱私權益，請聯系本站郵箱yoyou2525@163.com刪除。

猜您在找 防火牆配置防火牆配置防火牆的基本配置防火牆配置及防火牆NAT配置 UFW防火牆配置防火牆管理配置 Windows防火牆配置關於vyos 防火牆配置防火牆技術配置基於區域策略的防火牆 OpenWrt 防火牆配置、NAT配置