Народ помогите с файрволом если не трудно переписать правильно нужно , ниже приведен конфиг на данный момен он очень лажовый. Заранее спасибо и не ругайтесь особо просто срочняк как нада00100 7266 861128 allow ip from any to any via lo0
00500 2330255 1836401181 divert 8888 ip from any to 81.13.65.238 in via fxp0
01000 3642133 1930592328 divert 10000 ip from any to any in via fxp0
01003 459 20502 deny tcp from any to any dst-port 4000-5000
01004 23321 1180389 deny tcp from any to any dst-port 25,110
01005 174 9432 deny tcp from any to any dst-port 6500-10095
01006 18 828 deny tcp from any to any dst-port 10102-34464
01007 0 0 deny tcp from 204.9.177.18 to me
01008 0 0 deny tcp from me to 204.9.177.18
01009 275 14648 deny tcp from any to 204.9.177.18 dst-port 1-38528
01010 2 80 deny tcp from 204.9.177.18 to any dst-port 1-65535
05000 0 0 allow tcp from 195.94.251.34 to 81.13.79.222 dst-port 1352 via fxp0
05025 0 0 deny log tcp from 195.131.52.157 to 81.13.79.222 dst-port 25 via fxp0
05050 7 340 deny log tcp from any to 81.13.79.222 dst-port 80,135,139,389,445,1352 via fxp0
05100 4 304 deny log udp from any to 81.13.79.222 dst-port 123,137,138,445,500,4500 via fxp0
05200 71 6392 deny icmp from any to 81.13.79.222 via fxp0
05300 702 33416 deny log tcp from 81.13.79.222 to any dst-port 21,80,443,3128,8080 via fxp0
08000 0 0 allow ip from 192.168.1.4 to me via fxp1
08100 0 0 allow ip from me to 192.168.1.4 via fxp1
09000 0 0 allow tcp from 172.18.2.122 to me dst-port 21 via fxp1
10000 0 0 allow tcp from 172.18.2.122 to me dst-port 22 via fxp1
10010 12919 1034392 allow tcp from 192.168.1.2 to me dst-port 22 via fxp1
10020 159 19548 allow tcp from 195.94.251.34 to me dst-port 22
10030 0 0 allow tcp from 213.247.150.0/24 to me dst-port 22
10031 0 0 allow tcp from 213.247.198.166 to me dst-port 22
12100 0 0 deny log tcp from 205.158.62.0/24 to me dst-port 25
12900 7 360 deny log tcp from any to me dst-port 25 via fxp0
13500 6 497 deny log ip from any to me dst-port 53 via fxp0
14000 0 0 deny log udp from any to me dst-port 514
14500 124464 159543867 allow tcp from any to me dst-port 1352
15000 0 0 allow tcp from me to me dst-port 3306
15010 0 0 allow tcp from 192.168.1.2 to me dst-port 3306
15900 4 192 deny log tcp from any to me dst-port 3306
50000 1620690 207195354 divert 8888 ip from 192.168.1.2 to any out via fxp0
50030 15 1091 divert 8888 ip from 172.18.2.1 to any out via fxp0
50031 0 0 divert 8888 ip from 172.18.2.122 to any out via fxp0
50032 305 38653 divert 8888 ip from 172.18.2.31 to any out via fxp0
50033 0 0 divert 8888 ip from 172.18.2.232 to any dst-port 22,23 out via fxp0
50036 0 0 divert 8888 ip from 172.18.2.222 to any dst-port 6112 out via fxp0
50040 0 0 divert 8888 ip from 172.18.2.176 to any dst-port 6112 out via fxp0
50043 0 0 divert 8888 ip from 172.18.2.221 to any dst-port 6112 out via fxp0
50044 0 0 divert 8888 ip from 172.18.2.148 to any out via fxp0
50045 0 0 divert 8888 ip from 172.18.2.34 to any out via fxp0
50046 0 0 divert 8888 ip from 172.18.2.198 to any out via fxp0
50047 0 0 divert 8888 ip from 10.1.1.6 to any out via fxp0
50048 1596 189723 divert 8888 ip from 172.18.2.37 to any out via fxp0
50049 67 10283 divert 8888 ip from 172.18.2.218 to any dst-port 3274 out via fxp0
50049 24 1152 divert 8888 ip from 172.18.2.176 to any out via fxp0
50050 80373 104909810 divert 8888 ip from 172.18.2.4 to any dst-port 1352 out via fxp0
50055 2 141 divert 8888 ip from 172.18.2.35 to any out via fxp0
50060 0 0 divert 8888 ip from 172.18.2.252 to any out via fxp0
50070 16 1612 divert 8888 ip from 172.18.2.218 to any dst-port 1239,1240,1111 out via fxp0
50071 0 0 divert 8888 ip from 172.18.2.149 to any out via fxp0
50072 83 42412 divert 8888 ip from 172.18.2.218 to any dst-port 10100 out via fxp0
50073 0 0 divert 8888 ip from 172.18.2.194 to any out via fxp0
50074 0 0 divert 8888 ip from 172.18.2.60 to any dst-port 10100 out via fxp0
50075 0 0 divert 8888 ip from 172.18.2.171 to any dst-port 80 out via fxp0
50080 807 108268 divert 8888 ip from 172.18.2.118 to any out via fxp0
50090 0 0 divert 8888 ip from 172.18.2.103 to any dst-port 1239,1240,1111 out via fxp0
50095 201 46029 divert 8888 ip from 172.18.2.105 to any out via fxp0
50096 0 0 divert 8888 ip from 172.10.2.103 to any out via fxp0
50097 108 5184 divert 8888 ip from 172.18.2.3 to any out via fxp0
50098 0 0 divert 8888 ip from 172.18.2.237 to any out via fxp0
50099 0 0 divert 8888 ip from 192.168.1.200 to any out via fxp0
50100 0 0 divert 8888 ip from 172.18.2.4 to 82.112.5.17 dst-port 1352 out via fxp0
50100 0 0 divert 8888 ip from 172.18.2.27 to any out via fxp0
50101 0 0 divert 8888 ip from 172.18.2.227 to any dst-port 21 out via fxp0
50102 0 0 divert 8888 ip from 172.18.2.1 to any dst-port 21 out via fxp0
50103 0 0 divert 8888 ip from 172.18.2.227 to any out via fxp0
50104 14722 1917636 divert 8888 ip from 172.18.2.225 to any out via fxp0
50105 0 0 divert 8888 ip from 172.18.2.228 to any out via fxp0
50110 0 0 divert 8888 ip from 172.18.2.4 to any dst-port 25 out via fxp0
50120 0 0 divert 8888 ip from 172.18.2.4 to any dst-port 1352 out via fxp0
55000 4 304 deny ip from 10.0.0.0/8 to any out via fxp0
56000 1550096 93925072 deny ip from 172.16.0.0/12 to any out via fxp0
57000 0 0 deny ip from 192.168.0.0/24 to any out via fxp0
65535 14329423 7332778303 allow ip from any to any
Вариант для распечатки
OpenNET: Виртуальная конференция (Public)
(??) on 17-Май-06, 16:33 
