Menu
▾
▴
CVS: sidai/ipfilter-config ipf.conf.tmpl,1.4,1.5
|
From: Will P. <pa...@us...> - 2003-03-24 11:27:42
|
Update of /cvsroot/ark/sidai/ipfilter-config In directory sc8-pr-cvs1:/tmp/cvs-serv13034/ipfilter-config Modified Files: ipf.conf.tmpl Log Message: ipfiltering tweaks Index: ipf.conf.tmpl =================================================================== RCS file: /cvsroot/ark/sidai/ipfilter-config/ipf.conf.tmpl,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -r1.4 -r1.5 *** ipf.conf.tmpl 13 Feb 2003 13:51:29 -0000 1.4 --- ipf.conf.tmpl 24 Mar 2003 11:27:07 -0000 1.5 *************** *** 41,44 **** --- 41,46 ---- IFACE = env['IFACE'] # it better be there... MASKBITS = env['MASKBITS'] + DNS1 = env['DNS1'] + DNS2 = env['DNS2'] HOST = thishost._name *************** *** 78,83 **** # packets going in/out of network interfaces that aren't on the loopback # interface should *NOT* exist. ! block in log quick on eri0 from 127.0.0.0/8 to any ! block in log quick on eri0 from any to 127.0.0.0/8 # # And of course, make sure the loopback allows packets to traverse it. --- 80,85 ---- # packets going in/out of network interfaces that aren't on the loopback # interface should *NOT* exist. ! block in log quick on <%= IFACE =%> from 127.0.0.0/8 to any ! block in log quick on <%= IFACE =%> from any to 127.0.0.0/8 # # And of course, make sure the loopback allows packets to traverse it. *************** *** 106,111 **** # Allow outgoing DNS requests: # ! pass out quick proto udp from <%= HOST =%> to 194.72.6.57 port = 53 keep state ! pass out quick proto udp from <%= HOST =%> to 194.73.82.242 port = 53 keep state # # Allow outgoing connections: --- 108,114 ---- # Allow outgoing DNS requests: # ! pass out quick proto udp from <%= HOST =%> to <%= DNS1 =%> port = 53 keep state ! pass out quick proto udp from <%= HOST =%> to <%= DNS2 =%> port = 53 keep state ! # ToDo: and a third? # # Allow outgoing connections: |
