Доброго веремени суток всем!
Есть сервер FreeBSD 6.1 ipfw+nat+squid. Задача: проключить из Интернета (известна сеть) хост с RAminom на машыны находящиеся в локале c FreeBSD? ipfw.conf:
# rules for ICMP
add divert natd all from any to any via rl0
add deny icmp from any to any frag
add deny icmp from any to any in via rl0 icmptype 8
add allow icmp from any to any via rl0
add allow tcp from any to any 20 via dc0
add allow tcp from any 20 to any via dc0
add allow tcp from any to any 21 via dc0
add allow tcp from any 21 to any via dc0
add allow tcp from any to any 22,23 via rl0
add allow tcp from any 22,23 to any via rl0
add allow udp from any to any 53 via rl0
add allow udp from any 53 to any via rl0
add allow tcp from any to any 80,443 via rl0
add allow tcp from any 80,443 to any via rl0
add allow tcp from 192.168.0.1 to any 22,23 via dc0
add deny tcp from 192.168.0.0/24 to any 22,23 via dc0
add fwd 192.168.0.20,3128 tcp from any to any http in via dc0
#rules for RemouteAdmin
#add fwd 192.168.0.20,9111 tcp from 195.151.52.0/24 to 195.151.52.54,9111 in via rl0
Вариант для распечатки
OpenNET: Виртуальная конференция (Public)
(ok) on 18-Июл-06, 09:34 
