pfctl -sr

a guest
Mar 21st, 2023
[2.6.0-RELEASE][admin@firewall.cosmanperugia.it]/root: pfctl -sr
scrub on igb3 inet all fragment reassemble
scrub on igb3 inet6 all fragment reassemble
scrub on igb4 inet all fragment reassemble
scrub on igb4 inet6 all fragment reassemble
scrub on igb5 inet all fragment reassemble
scrub on igb5 inet6 all fragment reassemble
scrub on igb6 inet all fragment reassemble
scrub on igb6 inet6 all fragment reassemble
scrub on igb8 inet all fragment reassemble
scrub on igb8 inet6 all fragment reassemble
scrub on igb9 inet all fragment reassemble
scrub on igb9 inet6 all fragment reassemble
scrub on ovpns2 inet all fragment reassemble
scrub on ovpns2 inet6 all fragment reassemble
anchor "openvpn/*" all
anchor "ipsec/*" all
pass in quick on lo0 inet6 all flags S/SA keep state label "pass IPv6 loopback" ridentifier 1000000001
pass out quick on lo0 inet6 all flags S/SA keep state label "pass IPv6 loopback" ridentifier 1000000002
block drop in log quick inet6 all label "Block all IPv6" ridentifier 1000000003
block drop out log quick inet6 all label "Block all IPv6" ridentifier 1000000004
block drop in log quick inet from 169.254.0.0/16 to any label "Block IPv4 link-local" ridentifier 1000000101
block drop in log quick inet from any to 169.254.0.0/16 label "Block IPv4 link-local" ridentifier 1000000102
block drop in log inet all label "Default deny rule IPv4" ridentifier 1000000103
block drop out log inet all label "Default deny rule IPv4" ridentifier 1000000104
block drop in log inet6 all label "Default deny rule IPv6" ridentifier 1000000105
block drop out log inet6 all label "Default deny rule IPv6" ridentifier 1000000106
block drop log quick inet proto tcp from any port = 0 to any label "Block traffic from port 0" ridentifier 1000000107
block drop log quick inet proto udp from any port = 0 to any label "Block traffic from port 0" ridentifier 1000000107
block drop log quick inet proto tcp from any to any port = 0 label "Block traffic to port 0" ridentifier 1000000108
block drop log quick inet proto udp from any to any port = 0 label "Block traffic to port 0" ridentifier 1000000108
block drop log quick from <snort2c> to any label "Block snort2c hosts" ridentifier 1000000109
block drop log quick from any to <snort2c> label "Block snort2c hosts" ridentifier 1000000110
block drop in log quick proto carp from (self) to any ridentifier 1000000201
pass quick proto carp all no state ridentifier 1000000202
block drop in log quick proto tcp from <sshguard> to (self) port = ssh label "sshguard" ridentifier 1000000301
block drop in log quick proto tcp from <sshguard> to (self) port = 22443 label "GUI Lockout" ridentifier 1000000351
block drop in log quick from <virusprot> to any label "virusprot overload table" ridentifier 1000000400
block drop in log on ! igb3 inet from 192.168.1.0/24 to any ridentifier 1000001570
block drop in log inet from 192.168.1.1 to any ridentifier 1000001570
block drop in log on igb3 inet6 from fe80::e63a:6eff:fe48:8db3 to any ridentifier 1000001570
pass in quick on igb3 inet proto udp from any port = bootpc to 255.255.255.255 port = bootps keep state label "allow access to DHCP server" ridentifier 1000001591
pass in quick on igb3 inet proto udp from any port = bootpc to 192.168.1.1 port = bootps keep state label "allow access to DHCP server" ridentifier 1000001592
pass out quick on igb3 inet proto udp from 192.168.1.1 port = bootps to any port = bootpc keep state label "allow access to DHCP server" ridentifier 1000001593
block drop in log on ! igb4 inet from 192.168.5.0/24 to any ridentifier 1000002620
block drop in log inet from 192.168.5.1 to any ridentifier 1000002620
block drop in log on igb4 inet6 from fe80::e63a:6eff:fe48:8db4 to any ridentifier 1000002620
block drop in log on ! igb5 inet from 172.16.16.0/24 to any ridentifier 1000003670
block drop in log inet from 172.16.16.254 to any ridentifier 1000003670
block drop in log on igb5 inet6 from fe80::e63a:6eff:fe48:8db5 to any ridentifier 1000003670
pass in quick on igb5 inet proto udp from any port = bootpc to 255.255.255.255 port = bootps keep state label "allow access to DHCP server" ridentifier 1000003691
pass in quick on igb5 inet proto udp from any port = bootpc to 172.16.16.254 port = bootps keep state label "allow access to DHCP server" ridentifier 1000003692
pass out quick on igb5 inet proto udp from 172.16.16.254 port = bootps to any port = bootpc keep state label "allow access to DHCP server" ridentifier 1000003693
block drop in log on ! igb6 inet from 178.236.172.144/29 to any ridentifier 1000004720
block drop in log inet from 178.236.172.146 to any ridentifier 1000004720
block drop in log inet from 178.236.172.147 to any ridentifier 1000004720
block drop in log inet from 178.236.172.148 to any ridentifier 1000004720
block drop in log inet from 178.236.172.149 to any ridentifier 1000004720
block drop in log inet from 178.236.172.150 to any ridentifier 1000004720
block drop in log on igb6 inet6 from fe80::e63a:6eff:fe48:8db6 to any ridentifier 1000004720
block drop in log on ! igb8 inet from 192.168.20.0/24 to any ridentifier 1000005770
block drop in log inet from 192.168.20.254 to any ridentifier 1000005770
block drop in log on igb8 inet6 from fe80::e63a:6eff:fe48:8db8 to any ridentifier 1000005770
pass in quick on igb8 inet proto udp from any port = bootpc to 255.255.255.255 port = bootps keep state label "allow access to DHCP server" ridentifier 1000005791
pass in quick on igb8 inet proto udp from any port = bootpc to 192.168.20.254 port = bootps keep state label "allow access to DHCP server" ridentifier 1000005792
pass out quick on igb8 inet proto udp from 192.168.20.254 port = bootps to any port = bootpc keep state label "allow access to DHCP server" ridentifier 1000005793
block drop in log on ! igb9 inet from 192.168.8.0/24 to any ridentifier 1000006820
block drop in log inet from 192.168.8.254 to any ridentifier 1000006820
block drop in log on igb9 inet6 from fe80::e63a:6eff:fe48:8db9 to any ridentifier 1000006820
block drop in log on ! ovpns2 inet from 172.80.80.0/24 to any ridentifier 1000007870
block drop in log inet from 172.80.80.1 to any ridentifier 1000007870
block drop in log on ovpns2 inet6 from fe80::e63a:6eff:fe48:8db0 to any ridentifier 1000007870
pass in on lo0 inet all flags S/SA keep state label "pass IPv4 loopback" ridentifier 1000008961
pass out on lo0 inet all flags S/SA keep state label "pass IPv4 loopback" ridentifier 1000008962
pass out inet all flags S/SA keep state allow-opts label "let out anything IPv4 from firewall host itself" ridentifier 1000008963
pass out route-to (igb6 178.236.172.145) inet from 178.236.172.146 to ! 178.236.172.144/29 flags S/SA keep state allow-opts label "let out anything from firewall host itself" ridentifier 1000009061
pass out route-to (igb6 178.236.172.145) inet from 178.236.172.147 to ! 178.236.172.144/29 flags S/SA keep state allow-opts label "let out anything from firewall host itself" ridentifier 1000009062
pass out route-to (igb6 178.236.172.145) inet from 178.236.172.148 to ! 178.236.172.144/29 flags S/SA keep state allow-opts label "let out anything from firewall host itself" ridentifier 1000009063
pass out route-to (igb6 178.236.172.145) inet from 178.236.172.149 to ! 178.236.172.144/29 flags S/SA keep state allow-opts label "let out anything from firewall host itself" ridentifier 1000009064
pass out route-to (igb6 178.236.172.145) inet from 178.236.172.150 to ! 178.236.172.144/29 flags S/SA keep state allow-opts label "let out anything from firewall host itself" ridentifier 1000009065
pass out route-to (ovpns2 172.80.80.2) inet from 172.80.80.1 to ! 172.80.80.0/24 flags S/SA keep state allow-opts label "let out anything from firewall host itself" ridentifier 1000009066
pass in quick on igb3 proto tcp from any to (igb3) port = 22443 flags S/SA keep state label "anti-lockout rule" ridentifier 10001
pass in quick on igb3 proto tcp from any to (igb3) port = http flags S/SA keep state label "anti-lockout rule" ridentifier 10001
pass in quick on igb3 proto tcp from any to (igb3) port = ssh flags S/SA keep state label "anti-lockout rule" ridentifier 10001
anchor "userrules/*" all
pass in quick on openvpn inet all flags S/SA keep state label "USER_RULE: OpenVPN OpenVPN Cosman wizard" ridentifier 1428069474
pass in log quick on igb3 inet proto tcp from any to 192.168.20.0/24 flags S/SA keep state label "USER_RULE: log rete carroponte" ridentifier 1670256233
pass in log quick on igb3 inet from <FreePBX> to <negate_networks> flags S/SA keep state label "NEGATE_ROUTE: Negate policy routing for destination" ridentifier 10000001
pass in log quick on igb3 inet from <FreePBX> to any flags S/SA keep state label "USER_RULE: NethVoice navigazione tramite TWT" ridentifier 1548869361
pass in log quick on igb3 inet proto tcp from <Telefonia> to any port = domain flags S/SA keep state label "USER_RULE: Accesso Porta 53 da Telefoni e Nethvoice" ridentifier 1595599440
pass in log quick on igb3 inet proto udp from <Telefonia> to any port = domain keep state label "USER_RULE: Accesso Porta 53 da Telefoni e Nethvoice" ridentifier 1595599440
pass in log quick on igb3 inet proto tcp from <pi_hole> to any port = domain flags S/SA keep state label "USER_RULE: Accesso Porta 53 da Pi Hole" ridentifier 1595599594
pass in log quick on igb3 inet proto udp from <pi_hole> to any port = domain keep state label "USER_RULE: Accesso Porta 53 da Pi Hole" ridentifier 1595599594
pass in log quick on igb3 inet proto tcp from <GR_QNap> to any port = domain flags S/SA keep state label "USER_RULE: Accesso Porta 53 da GR_QNap" ridentifier 1595604377
pass in log quick on igb3 inet proto udp from <GR_QNap> to any port = domain keep state label "USER_RULE: Accesso Porta 53 da GR_QNap" ridentifier 1595604377
pass in log quick on igb3 inet proto tcp from <GR_VM_SUB20> to any port = domain flags S/SA keep state label "USER_RULE: Accesso Porta 53 da GR_VM_SUB20" ridentifier 1671700496
pass in log quick on igb3 inet proto udp from <GR_VM_SUB20> to any port = domain keep state label "USER_RULE: Accesso Porta 53 da GR_VM_SUB20" ridentifier 1671700496
pass in log quick on igb3 inet proto tcp from <posta> to any port = domain flags S/SA keep state label "USER_RULE: Accesso Porta 53 da Pi Hole" ridentifier 1595602165
pass in log quick on igb3 inet proto udp from <posta> to any port = domain keep state label "USER_RULE: Accesso Porta 53 da Pi Hole" ridentifier 1595602165
pass in log quick on igb3 inet proto tcp from 192.168.1.32 to any port = domain flags S/SA keep state label "USER_RULE: Accesso Porta 53 da Pi Hole" ridentifier 1675288016
pass in log quick on igb3 inet proto udp from 192.168.1.32 to any port = domain keep state label "USER_RULE: Accesso Porta 53 da Pi Hole" ridentifier 1675288016
pass in log quick on igb3 inet proto tcp from <SERVER_DC_239> to any port = domain flags S/SA keep state label "USER_RULE: Accesso Porta 53 da SERVER DC 239" ridentifier 1595599672
pass in log quick on igb3 inet proto udp from <SERVER_DC_239> to any port = domain keep state label "USER_RULE: Accesso Porta 53 da SERVER DC 239" ridentifier 1595599672
pass in log quick on igb3 inet proto tcp from <GR_Proxmox> to any port = domain flags S/SA keep state label "USER_RULE: Accesso Porta 53 da GR_Proxmox" ridentifier 1595603451
pass in log quick on igb3 inet proto udp from <GR_Proxmox> to any port = domain keep state label "USER_RULE: Accesso Porta 53 da GR_Proxmox" ridentifier 1595603451
block drop in log quick on igb3 inet proto tcp from ! <pi_hole> to any port = domain label "USER_RULE: BLOCCO Porta 53 da LanCosman" ridentifier 1595599728
block drop in log quick on igb3 inet proto udp from ! <pi_hole> to any port = domain label "USER_RULE: BLOCCO Porta 53 da LanCosman" ridentifier 1595599728
pass in quick on igb3 inet from 192.168.8.57 to 192.168.1.238 flags S/SA keep state label "USER_RULE: TELECAMERA PER TIME LAPSE" ridentifier 1576660408
pass in quick on igb3 inet from <pc_umberto_cosman> to 192.168.20.0/24 flags S/SA keep state label "USER_RULE: Allow PCUMBERTO to LAN6CASAROSI any rule" ridentifier 1428073563
pass in quick on igb3 inet from <pc_umberto_cosman> to 192.168.8.0/24 flags S/SA keep state label "USER_RULE: Allow PCUMBERTO to LAN8VIDEO any rule" ridentifier 1466499827
pass in quick on igb3 inet from 192.168.1.15 to 192.168.8.0/24 flags S/SA keep state label "USER_RULE: Allow PCNICOLA to LAN8VIDEO any rule" ridentifier 1598522738
pass in quick on igb3 inet from 192.168.1.12 to 192.168.5.245 flags S/SA keep state label "USER_RULE: Allow PCUMBERTO to 192.168.5.245 any rule" ridentifier 1467270811
pass in quick on igb3 inet from <pc_accesso_videosorveglianza> to 192.168.8.0/24 flags S/SA keep state label "USER_RULE: Allow PC to LAN8VIDEO any rule" ridentifier 1466500219
pass in quick on igb3 inet from 192.168.1.0/24 to 192.168.5.0/24 flags S/SA keep state label "USER_RULE: Allow LAN1COSMAN --> FOTOVOLTAICO any rule" ridentifier 1428074438
pass in log quick on igb3 inet from 192.168.1.0/24 to any flags S/SA keep state label "USER_RULE: Default allow LAN to any rule" ridentifier 1428069473
block drop in log quick on igb4 inet from 192.168.5.0/24 to 192.168.1.0/24 label "USER_RULE: Block FOTOVOLTAICO -> LAN1COSMAN" ridentifier 1445524592
block drop in log quick on igb4 inet from 192.168.5.0/24 to 192.168.20.0/24 label "USER_RULE: Block FOTOVOLTAICO -> LAN6CASARO" ridentifier 1445525198
block drop in log quick on igb4 inet from 192.168.5.0/24 to 172.16.16.0/24 label "USER_RULE: Block FOTOVOLTAICO -> WIFI" ridentifier 1445530404
block drop in log quick on igb4 inet from 192.168.5.0/24 to 192.168.8.0/24 label "USER_RULE: Block FOTOVOLTAICO -> LAN8VIDEO" ridentifier 1445530441
block drop in log quick on igb4 inet from 192.168.5.0/24 to 178.236.172.144/29 label "USER_RULE: Block FOTOVOLTAICO -> LAN2TECNOADSL" ridentifier 1445530560
pass in log quick on igb4 inet proto tcp from 192.168.5.0/24 to 192.168.5.1 port = domain flags S/SA keep state label "USER_RULE: Allow FOTOVOLTAICO DNS#53" ridentifier 1445530908
pass in log quick on igb4 inet proto udp from 192.168.5.0/24 to 192.168.5.1 port = domain keep state label "USER_RULE: Allow FOTOVOLTAICO DNS#53" ridentifier 1445530908
block drop in log quick on igb4 inet from 192.168.5.0/24 to 192.168.5.1 label "USER_RULE: Block FOTOVOLTAICO -> FIREWALL" ridentifier 1445530844
pass in log quick on igb4 inet from 192.168.5.0/24 to any flags S/SA keep state label "USER_RULE: Permetti FOTOVOLTAICO to any rule" ridentifier 1428069475
pass in log quick on igb5 inet proto tcp from any to <Stampanti> flags S/SA keep state label "USER_RULE" ridentifier 1519666037
pass in log quick on igb5 inet proto udp from any to <Stampanti> keep state label "USER_RULE" ridentifier 1519666037
block drop in log quick on igb5 inet from 172.16.16.0/24 to 192.168.5.0/24 label "USER_RULE: Block WIFIOSPITI net to FOTOVOLTAICO net" ridentifier 1428069476
block drop in log quick on igb5 inet from 172.16.16.0/24 to 192.168.1.0/24 label "USER_RULE: Block WIFIOSPITI to LAN1CSOMAN" ridentifier 1428069478
block drop in log quick on igb5 inet from 172.16.16.0/24 to 192.168.20.0/24 label "USER_RULE: Block WIFIOSPITI to LAN6 CARROPONTE" ridentifier 1669720811
block drop in log quick on igb5 inet from 172.16.16.0/24 to 192.168.8.0/24 label "USER_RULE: Block WIFIOSPITI to LAN8 VIDEO" ridentifier 1669721218
pass in log quick on igb5 inet from 172.16.16.0/24 to any flags S/SA keep state label "USER_RULE: Default allow WIFI OSPITI to any rule" ridentifier 1428069479
block drop in log quick on igb6 reply-to (igb6 178.236.172.145) inet from <CrowdSec> to any label "USER_RULE: Blocked by CrowdSec" ridentifier 1676545111
pass in quick on igb6 reply-to (igb6 178.236.172.145) inet proto tcp from any to <zimbra> port = https flags S/SA keep state label "USER_RULE: NAT Accesso HTTPS #443 su Zimbra" ridentifier 1428069467
pass in quick on igb6 reply-to (igb6 178.236.172.145) inet proto tcp from any to <server_fotovoltaico> port = http flags S/SA keep state label "USER_RULE: NAT Accesso HTTP #80 Server Fotovoltaico da WAN1T..." ridentifier 1460718740
pass in quick on igb6 reply-to (igb6 178.236.172.145) inet proto tcp from any to <Hickvision_NVR> port = 8000 flags S/SA keep state label "USER_RULE: NAT Accesso Hikvision da iVMS-4500 - porta 8000" ridentifier 1466862799
pass in quick on igb6 reply-to (igb6 178.236.172.145) inet proto tcp from any to <Server_Manutenzioni> port = http flags S/SA keep state label "USER_RULE: NAT Accesso HTTP Server Manutenzioni da TWT" ridentifier 1476460342
pass in quick on igb6 reply-to (igb6 178.236.172.145) inet proto tcp from any to <Server_Manutenzioni> port = https flags S/SA keep state label "USER_RULE: NAT Accesso HTTPS #630 Server Manutenzioni da TWT" ridentifier 1476460383
pass in quick on igb6 reply-to (igb6 178.236.172.145) inet proto tcp from any to <Hickvision_NVR> port = rtsp flags S/SA keep state label "USER_RULE: NAT Accesso Hikvision da iVMS-4500 - porta 554" ridentifier 1477296290
pass in quick on igb6 reply-to (igb6 178.236.172.145) inet proto udp from any to <Hickvision_NVR> port = rtsp keep state label "USER_RULE: NAT Accesso Hikvision da iVMS-4500 - porta 554" ridentifier 1477296290
pass in quick on igb6 reply-to (igb6 178.236.172.145) inet proto tcp from any to <Hickvision_NVR> port = http flags S/SA keep state label "USER_RULE: NAT Accesso Hikvision da iVMS-4500 - porta 8082 t..." ridentifier 1477296595
pass in quick on igb6 reply-to (igb6 178.236.172.145) inet proto tcp from any to 192.168.6.5 port = 8409 flags S/SA keep state label "USER_RULE: NAT Accesso Myweb ROSI utente" ridentifier 1490270241
pass in quick on igb6 reply-to (igb6 178.236.172.145) inet proto tcp from any to 192.168.6.5 port = 7890 flags S/SA keep state label "USER_RULE: NAT Accesso Oberon ROSI installatore" ridentifier 1490270426
pass in quick on igb6 reply-to (igb6 178.236.172.145) inet proto tcp from any to 192.168.7.5 port = 8409 flags S/SA keep state label "USER_RULE: NAT Accesso Myweb CARLO utente" ridentifier 1491557723
pass in quick on igb6 reply-to (igb6 178.236.172.145) inet proto tcp from any to 192.168.7.5 port = 7890 flags S/SA keep state label "USER_RULE: NAT Accesso Oberon CARLO installatore" ridentifier 1491557784
pass in quick on igb6 reply-to (igb6 178.236.172.145) inet proto tcp from any to 192.168.7.50 port = http flags S/SA keep state label "USER_RULE: NAT Accesso telecamera 50 CARLO" ridentifier 1492154064
pass in quick on igb6 reply-to (igb6 178.236.172.145) inet proto tcp from any to 192.168.7.51 port = rtsp flags S/SA keep state label "USER_RULE: NAT Accesso telecamera 51 CARLO" ridentifier 1492156036
pass in quick on igb6 reply-to (igb6 178.236.172.145) inet proto tcp from any to 192.168.7.51 port = rtsp flags S/SA keep state label "USER_RULE: NAT Accesso telecamera 51 CARLO" ridentifier 1492157925
pass in quick on igb6 reply-to (igb6 178.236.172.145) inet proto tcp from any to <Hickvision_CASACARLO> port = http flags S/SA keep state label "USER_RULE: NAT Accesso Hikvision da iVMS-4500 - porta 8083 t..." ridentifier 1502297185
pass in quick on igb6 reply-to (igb6 178.236.172.145) inet proto tcp from <NovaProject> to <server_fotovoltaico> port = rdp flags S/SA keep state label "USER_RULE: NAT Accesso RDP su server fotovoltaico - NovaProject" ridentifier 1596731238
pass in quick on igb6 reply-to (igb6 178.236.172.145) inet proto udp from <monitoraggio> to 192.168.1.237 port = snmp keep state label "USER_RULE: NAT monitoraggio nas qnap 237" ridentifier 1599121448
pass in quick on igb6 reply-to (igb6 178.236.172.145) inet proto udp from <monitoraggio> to 192.168.1.238 port = snmp keep state label "USER_RULE: NAT monitoraggio nas qnap 238" ridentifier 1599124195
pass in quick on igb6 reply-to (igb6 178.236.172.145) inet proto tcp from any to <zimbra> port = http flags S/SA keep state label "USER_RULE: NAT Accesso porta 80 verso server Zimbra" ridentifier 1600760840
pass in quick on igb6 reply-to (igb6 178.236.172.145) inet proto udp from any to 178.236.172.146 port = openvpn keep state label "USER_RULE: OpenVPN OpenVPN Cosman wizard" ridentifier 1623244325
pass in quick on igb6 reply-to (igb6 178.236.172.145) inet proto tcp from any to 178.236.172.146 port = 1196 flags S/SA keep state label "USER_RULE: OpenVPN Mikrotik Carlo Mannocci" ridentifier 1654609089
pass in log quick on igb6 reply-to (igb6 178.236.172.145) inet proto udp from any to 178.236.172.146 port = rsf-1 keep state label "USER_RULE: OpenVPN 4.0" ridentifier 1670931110
pass in quick on igb6 reply-to (igb6 178.236.172.145) inet proto tcp from any to <firewall> port = 22443 flags S/SA keep state label "USER_RULE: NAT Accesso HTTPS #22443 su Pfsense da WAN2TECNOADSL" ridentifier 1460718742
pass in quick on igb6 reply-to (igb6 178.236.172.145) inet proto tcp from any to <Hickvision_NVR> port = http flags S/SA keep state label "USER_RULE: NAT Accesso Hikvision iVMS-4500 da Wan2 - porta ..." ridentifier 1477297039
pass in log quick on igb6 reply-to (igb6 178.236.172.145) inet proto tcp from any to 192.168.1.250 port = http flags S/SA keep state label "USER_RULE: NAT Accesso HTTP Server Manutenzioni Test Ithings..." ridentifier 1638876623
pass in quick on igb6 reply-to (igb6 178.236.172.145) inet proto tcp from any to 192.168.7.5 port = https flags S/SA keep state label "USER_RULE: NAT Accesso Myweb CARLO utente #22775" ridentifier 1656781305
pass in quick on igb6 reply-to (igb6 178.236.172.145) inet proto tcp from <AdalabVodafone> to 192.168.1.193 port = rdp flags S/SA keep state label "USER_RULE: NAT Accesso RDP su VM 193 Test - Adalab" ridentifier 1669992075
pass in quick on igb6 reply-to (igb6 178.236.172.145) inet proto tcp from 31.27.167.162 to 192.168.1.166 port = rdp flags S/SA keep state label "USER_RULE: NAT NAT# Accesso RDP su VM 166" ridentifier 1674234410
pass in quick on igb8 inet from 192.168.20.0/24 to <synology> flags S/SA keep state label "USER_RULE: Pass CARROPONTE to SYNOLOGY NAS BACKUP COSMAN" ridentifier 1670845029
pass in quick on igb8 inet from 192.168.20.0/24 to <SERVER_DC_239> flags S/SA keep state label "USER_RULE: Pass CARROPONTE to DC_239 COSMAN" ridentifier 1672224986
pass in quick on igb8 inet from <GR_VM_SUB20> to 192.168.1.0/24 flags S/SA keep state label "USER_RULE: Pass VM VLAN20 to COSMAN NET" ridentifier 1670845029
block drop in log quick on igb8 inet from 192.168.20.0/24 to 172.16.16.0/24 label "USER_RULE: Block CARROPONTE to WIFIOSPITI" ridentifier 1669721330
block drop in log quick on igb8 inet from 192.168.20.0/24 to 192.168.1.0/24 label "USER_RULE: Block CARROPONTE to LAN1 COSMAN" ridentifier 1669721308
block drop in log quick on igb8 inet proto tcp from 192.168.20.0/24 to 192.168.20.254 label "USER_RULE: Block CARROPONTE to Firewall" ridentifier 1669721925
block drop in log quick on igb8 inet proto udp from 192.168.20.0/24 to 192.168.20.254 label "USER_RULE: Block CARROPONTE to Firewall" ridentifier 1669721925
block drop in log quick on igb8 inet from 192.168.20.0/24 to 192.168.5.0/24 label "USER_RULE: Block CARROPONTE to FOTOVOLTAICO" ridentifier 1669721357
pass in log quick on igb8 inet from 192.168.20.0/24 to any flags S/SA keep state label "USER_RULE: Default allow LAN6CASAROSI to any rule" ridentifier 1428072465
pass in log quick on igb9 inet proto tcp from 192.168.8.57 to 192.168.1.238 flags S/SA keep state label "USER_RULE" ridentifier 1576763462
pass in quick on igb9 inet proto tcp from 192.168.8.57 to <W7_UnifiController> flags S/SA keep state label "USER_RULE: TELECAMERA to Sitema TIME LAPSE" ridentifier 1578332084
pass in quick on igb9 inet from 192.168.8.0/24 to any flags S/SA keep state label "USER_RULE: Default allow LAN8VIDEO to any rule" ridentifier 1466498848
pass in log quick on ovpns2 reply-to (ovpns2 172.80.80.2) inet all flags S/SA keep state label "USER_RULE" ridentifier 1654616381
anchor "tftp-proxy/*" all
[2.6.0-RELEASE][admin@firewall.cosmanperugia.it]/root: