Помогите разобраться, братцы!!!
Переписал правила в IPFILTER по принципу "всё что не разрешено - запрещено". В результате получилось около 20 разрешающих правил в конфиге, плюс несколько правил NAT.
Все правила с параметром QUICK (то есть при наступлении события, дальнейшая цепочка не просматривается)
После загрузки этих правил система начинает подвисать, причём процессор загружен на 1-2% и свободной памяти показывает 415M..
Midnight Commander вообще не загружается... Логин по SSH не проходит - сессия замирает после ввода имени пользователя.ОС
GNU bash, version 2.05b.0(1)-release (i386-portbld-freebsd5.3)
IPF : IP Filter: v3.4.35 (336)Подскажите куда копать?
>Подскажите куда копать?Уважаемый, вы бы правила опубликовали.
>
>>Подскажите куда копать?
>
>Уважаемый, вы бы правила опубликовали.Вот примерно такие правила
pass in quick proto icmp from 192.168.1.0/24 to any icmp-type 0 keep state
pass in quick proto icmp from 192.168.1.0/24 to any icmp-type 11 keep state
block in log quick proto icmp from any to any
pass in quick on xl0 proto tcp from 192.168.1.0/24 to 192.168.1.1 port = 22 keep state
pass in quick on xl0 proto tcp from 192.168.1.2 to any keep state
pass in quick on xl0 proto tcp from 192.168.1.190 to any port = 80 keep state
pass in quick on xl0 proto tcp from 192.168.1.195 to any port = 80 keep state
pass in quick on xl0 proto tcp from 192.168.1.190 to any port = 443 keep state
pass in quick on xl0 proto tcp from 192.168.1.195 to any port = 443 keep state
pass in quick on xl0 proto tcp from any to 10.0.0.0/24 port = 53 keep state
pass in quick on xl0 proto udp from any to 10.0.0.0/24 port = 53 keep state
pass in quick on xl0 proto udp from any to 10.0.0.21 port = 123 keep state
pass in quick on xl0 proto tcp from any to 10.0.0.21 port = 123 keep statepass in quick on xl0 proto tcp from any to 10.0.0.0/24 port = 22 keep state
pass in quick on xl1 proto tcp from any to 10.0.0.0/24 port = 222 keep state
pass in quick on xl0 proto tcp from 192.168.1.246 to 10.0.0.21 port = 25 keep state
pass in quick on xl0 proto tcp from 192.168.1.246 to 10.0.0.3 port = 25 keep state
pass in quick on xl0 proto tcp from 192.168.1.0/24 to 10.0.0.3 port = 465 keep state
pass in quick on xl1 proto tcp from 10.0.0.0/24 to 192.168.1.246 port = 25 keep state
pass in quick on xl1 proto tcp from 10.0.0.0/24 to 192.168.1.246 port = 465 keep state
pass in quick on xl0 proto tcp from 192.168.1.0/24 to 10.0.0.3 port = 995 keep state
pass in quick on xl0 proto tcp from 192.168.1.0/24 to 10.0.0.3 port = 993 keep state
pass in quick on xl0 proto tcp from 192.168.1.78 to A.B.C.D port = 25 keep state
pass in quick on xl0 proto tcp from 192.168.1.78 to A.B.C.D port = 110 keep state
pass in quick on xl0 proto tcp from 192.168.1.78 to A.B.C.D port = 21 keep state
pass in quick on xl0 proto udp from 192.168.1.0/24 to A.B.C.D port = 87 keep state
pass in quick on xl0 proto tcp from 192.168.1.140 to any port = 21 keep state
pass in quick on xl0 proto tcp from 192.168.1.7 to any port = 21 keep state
pass in quick on xl0 proto tcp from 192.168.1.129 to any port = 21 keep state
pass in quick on xl0 proto tcp from 192.168.1.0/24 to 10.0.0.0/24 port = 3389 keep state
pass in quick on xl0 proto tcp from 192.168.1.0/24 to 10.0.0.0/24 port = 22 keep statepass in quick on xl0 proto tcp from 192.168.1.0/24 to 212.176.126.173 port = 22 keep state
pass in quick on xl0 proto tcp from 192.168.1.0/24 to 212.176.126.173 port = 222 keep state
pass in quick on xl0 proto tcp from 192.168.1.0/24 to any port = 5190 keep state
pass out quick on xl1 from any to any
pass out quick on xl0 from any to any
block in log quick all
>>
>>>Подскажите куда копать?
>>При беглом осмотре, для начала в сторону localhost
>>>
>>>>Подскажите куда копать?
>>>
>
>При беглом осмотре, для начала в сторону localhostТо есть?