## Block Everything inbound
block in log all
## allow outbound and return traffic
pass out quick proto tcp from any to any flags S keep state keep frags
pass out quick proto udp from any to any keep state keep frags
## ICMP
pass in quick proto icmp from any to any
pass out quick proto icmp from any to any
##
## Allow localhost traffic
##
pass in quick on lo0 proto tcp from 127.0.0.1/32 to 127.0.0.1/32
## Allow ssh from mangement host
pass in quick proto tcp from 1.2.3.4/32 to any port = 22 flags S keep state keep frags
Thursday, July 23, 2009
Basic ipfilter rules
Labels:
ipfilter
Subscribe to:
Post Comments (Atom)
Blog Archive
-
▼
2009
(32)
-
▼
July
(16)
- My laptop backup plan
- How to clone a Linux box
- How active directory determins what DNS server to ...
- Using rancid to mass update multiple network devices
- Ways to boot Solaris with verbose output
- Sun install MetaClusters
- Quick reference guide to create a new Solaris SMF ...
- How to attach SAN/FC disks to a Solaris 10 system ...
- Instructions on booting a Sun Solaris 10 T2000 fro...
- How to transfer a file with a webserver, uuencode,...
- How to make Solaris 9 recognize SAN attached storage
- Basic ipfilter rules
- Cable Pinouts (ether, t1, e1, etc)
- Using `bc` for base conversoin
- Basic iptables rules
- ASCII Table
-
▼
July
(16)

No comments:
Post a Comment