Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- plan_if="em0"
- next_if="xl0"
- rt = "{ 50000:50500 }"
- set limit { states 1000000000, src-nodes 1000000000, frags 50000000 }
- plan_net="10.0.1.1/24"
- voipfone="80.92.66.14"
- scrub on $next_if
- altq on $next_if priq bandwidth 1500Kb queue { q_dns, q_tcp, q_urg, q_pri, q_std, q_low, q_null }
- queue q_urg priority 15 qlimit 100
- queue q_pri priority 12 qlimit 200
- queue q_std priority 5 qlimit 500
- queue q_low priority 3 qlimit 2000
- queue q_null priority 0 priq(default red) qlimit 2000
- rdr on $plan_if proto tcp from any to any port www -> 127.0.0.1 port 3128
- nat on $next_if from $plan_net -> ($next_if)
- rdr-anchor "miniupnpd"
- pass on lo0
- pass quick on tap0
- ##########################HERE###################
- pass quick on em0 from 10.0.0.0/16 to 10.0.0.0/16
- pass quick on tun0 from 10.0.0.0/16 to 10.0.0.0/16
- # Block
- block out quick on $plan_if inet from any to 125.252.224.90/32
- block out quick on $plan_if inet from any to 125.252.224.91/32
- block in quick on $plan_if proto { tcp, udp } to port { 135, 139, 445 }
- # Outbound (FROM THE LAN TO THE NET)
- pass out on $next_if proto tcp queue (q_null,q_urg) # unknown
- pass out on $next_if proto udp queue (q_null) # unknown
- pass out on $next_if proto { icmp, icmp6 } queue (q_low)
- pass out on $next_if proto tcp to port 1:1024 queue (q_std,q_urg)
- pass out on $next_if proto udp to port 1:1024 queue (q_std)
- pass out on $next_if proto tcp to port { 21,80,443 } queue (q_pri,q_urg)
- pass out on $next_if proto { tcp, udp } to port { 42, 53 } queue (q_urg)
- pass out on $next_if proto tcp to port { 22,23,6667:7000 } queue (q_urg)
- pass out on $next_if proto ipv6 queue (q_std,q_urg)
- pass out on $next_if from any to { 95.154.246.222, 95.154.246.182, 95.154.246.179 } queue (q_std)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
