Advertisement
Guest User

Untitled

a guest
Mar 1st, 2015
223
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.84 KB | None | 0 0
  1.  
  2. ipfw -q -f flush
  3. cmd="ipfw -q add "
  4. cmd0="ipfw "
  5. #vhod="igb0"
  6. vhod="lagg0"
  7. clients="igb2"
  8. clients2="igb1"
  9. mainip="95.47.162.2"
  10. main_local_ip="192.168.101.1"
  11.  
  12. $cmd 130 skipto 9000 ip from any to 95.47.162.5 dst-port 80
  13. $cmd 135 skipto 9000 ip from any to 95.47.162.5 dst-port 443
  14. $cmd 140 skipto 9000 ip from 95.47.162.5 80 to any
  15. $cmd 150 skipto 9000 ip from 95.47.162.5 443 to any
  16. $cmd 1150 skipto 9000 ip from 172.22.0.0/24 to 95.47.162.5
  17. $cmd 1160 allow udp from 172.28.100.0/24 to $main_local_ip dst-port 53
  18. $cmd 1170 allow udp from 172.28.100.0/24 to 8.8.8.8 dst-port 53
  19. #privat24
  20. $cmd 1180 skipto 9000 ip from 172.28.100.0/24 to 217.117.65.0/24
  21. $cmd 1182 skipto 9000 ip from 172.28.100.0/24 to 54.76.131.126
  22. $cmd 1183 skipto 9000 ip from 172.28.100.0/24 to 54.76.186.242
  23. $cmd 1184 skipto 9000 ip from 172.28.100.0/24 to 54.77.32.191
  24. #
  25. $cmd 1200 fwd $main_local_ip:80 tcp from 172.28.100.0/24 to any dst-port 80
  26. #$cmd 1205 fwd $main_local_ip:443 tcp from 172.28.100.0/24 to any dst-port 443
  27. $cmd 1240 allow ip from any to $main_local_ip
  28. $cmd 1240 allow ip from 172.28.100.0/24 to 95.47.162.5
  29. $cmd 1300 deny ip from 172.28.100.0/24 to any
  30. $cmd 2000 deny ip from 192.168.101.0/24 to any in recv $clients
  31. $cmd 2010 deny ip from 192.168.108.0/24 to any in recv $clients2
  32. #
  33. $cmd0 table 53 add 95.47.162.3
  34. $cmd0 table 53 add 95.47.162.8
  35. $cmd0 table 53 add 95.47.162.13
  36. $cmd0 table 53 add 95.47.162.14
  37. $cmd 2090 deny ip from any to table\(53\) dst-port 53 in recv $vhod
  38. $cmd 2100 allow ip from me 53 to any not via $vhod
  39. #urik
  40. $cmd 3000 skipto 10100 ip from 95.47.162.192/26 to any
  41. $cmd 3100 skipto 10100 ip from any to 95.47.162.192/26
  42. #real_ip_pppoe
  43. $cmd 3200 skipto 10100 ip from 95.47.162.64/26 to any
  44. $cmd 3300 skipto 10100 ip from any to 95.47.162.64/26
  45. $cmd 3400 skipto 10100 ip from 95.47.162.128/26 to any
  46. $cmd 3500 skipto 10100 ip from any to 95.47.162.128/26
  47.  
  48. #smtp
  49. $cmd 4000 deny ip from any to any dst-port 25
  50. #kernel NAT
  51. $cmd 9900 nat 1 ip from table\(50\) to any out xmit $vhod
  52. $cmd 9902 nat 1 ip from any to 95.47.162.3 in recv $vhod
  53. $cmd 9906 nat 2 ip from table\(25\) to any out xmit $vhod
  54. $cmd 9908 nat 2 ip from any to 95.47.162.8 in recv $vhod
  55. $cmd 9912 nat 3 ip from table\(120\) to any out xmit $vhod
  56. $cmd 9916 nat 3 ip from table\(100\) to any out xmit $vhod
  57. $cmd 9920 nat 3 ip from any to 95.47.162.13 in recv $vhod
  58. $cmd 9922 nat 4 ip from table\(5\) to any out xmit $vhod
  59. $cmd 9926 nat 4 ip from any to 95.47.162.14 in recv $vhod
  60. #
  61. $cmd 9950 pipe 220 ip from table\(25\) to any not via $vhod
  62. $cmd 9990 pipe 200 ip from any to table\(25\) not via $vhod
  63. $cmd 10005 pipe 95 ip from table\(5\) to any not via $vhod
  64. $cmd 10015 pipe 105 ip from any to table\(5\) not via $vhod
  65. $cmd 10050 pipe 150 ip from any to table\(50\) not via $vhod
  66. $cmd 10055 pipe 155 ip from table\(50\) to any not via $vhod
  67. $cmd 10100 pipe 100 ip from any to table\(100\) not via $vhod
  68. $cmd 10105 pipe 110 ip from table\(100\) to any not via $vhod
  69. $cmd 10200 pipe 205 ip from any to table\(120\) not via $vhod
  70. $cmd 10205 pipe 210 ip from table\(120\) to any not via $vhod
  71.  
  72.  
  73. #$cmd0 nat 1 config if $vhod
  74. $cmd0 nat 1 config ip 95.47.162.3
  75. $cmd0 nat 2 config ip 95.47.162.8
  76. $cmd0 nat 3 config ip 95.47.162.13
  77. $cmd0 nat 4 config ip 95.47.162.14
  78.  
  79. #pipe 5M
  80. $cmd0 pipe 95 config bw 5632K mask dst-ip 0xffffffff
  81. $cmd0 pipe 105 config bw 5632K mask dst-ip 0xffffffff
  82. #pipe 50M
  83. $cmd0 pipe 150 config bw 52224K mask dst-ip 0xffffffff
  84. $cmd0 pipe 155 config bw 52224K mask dst-ip 0xffffffff
  85. #evil pipe25M
  86. $cmd0 pipe 200 config bw 26112K mask dst-ip 0xffffffff
  87. $cmd0 pipe 220 config bw 26112K mask dst-ip 0xffffffff
  88. #
  89. #100M
  90. $cmd0 pipe 100 config bw 104448K mask dst-ip 0xffffffff
  91. $cmd0 pipe 110 config bw 104448K mask dst-ip 0xffffffff
  92. #200M !!!!!!
  93. $cmd0 pipe 205 config bw 207872K mask dst-ip 0xffffffff
  94. $cmd0 pipe 210 config bw 207872K mask dst-ip 0xffffffff
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement