API tools faq
paste
Guest User

Untitled

a guest
May 25th, 2018
89
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.84 KB | None | 0 0
raw download clone embed print report
  1. # FreeBSD/i386 zakken.hiphop.no
  2.  
  3. ext_if = "rl0"
  4.  
  5. int_if = "ep0"
  6.  
  7. set block-policy return
  8.  
  9. set skip on { lo0 }
  10.  
  11. scrub in
  12.  
  13. table <bruteforce> persist
  14.  
  15. nat on $ext_if from $int_if:network to any -> ($ext_if)
  16.  
  17. rdr on $ext_if proto tcp from any to any port 30000 -> 192.168.187.2 port 30000
  18.  
  19. pass out keep state
  20.  
  21. pass quick on $int_if
  22.  
  23. block in
  24.  
  25. block quick from <bruteforce>
  26.  
  27. pass in on $ext_if inet proto tcp from any to any port { 20, 21, 25, 53, 113, 49152:65535 } keep state (max-src-conn 100, max-src-conn-rate 15/5, overload <bruteforce> flush global)
  28.  
  29. pass in on $ext_if inet proto tcp from any to any port 22 keep state (max-src-conn 15, max-src-conn-rate 5/3, overload <bruteforce> flush global)
  30.  
  31. pass in on $ext_if inet proto udp from any to any port 53 keep state
  32.  
  33. pass in on $ext_if inet proto icmp from any to any keep state
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!