Menu
▾
▴
CVS: sidai/ipfilter-config ipf.conf.tmpl,1.6,1.7
|
From: Will P. <pa...@us...> - 2003-03-31 09:33:23
|
Update of /cvsroot/ark/sidai/ipfilter-config In directory sc8-pr-cvs1:/tmp/cvs-serv7584/ipfilter-config Modified Files: ipf.conf.tmpl Log Message: updates Index: ipf.conf.tmpl =================================================================== RCS file: /cvsroot/ark/sidai/ipfilter-config/ipf.conf.tmpl,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -r1.6 -r1.7 *** ipf.conf.tmpl 26 Mar 2003 10:33:51 -0000 1.6 --- ipf.conf.tmpl 31 Mar 2003 09:32:43 -0000 1.7 *************** *** 27,34 **** # # sudo tcpdump -nqt -w - -c 10000 | cat > ~/t/10k.txt ! # ipftest -T -I eri0 -r <rules> -i ~/t/10k.txt # # run with: sudo ipf -Fa -f <this file> # monitor with: sudo ipmon import ark.error --- 27,46 ---- # # sudo tcpdump -nqt -w - -c 10000 | cat > ~/t/10k.txt ! # sudo ipftest [-v] (-T or -P) -I eri0 -s <ip-address> -r <rules> -i ~/t/10k.txt ! # ! # Crib sheet for understanding ipftest -v output (stolen): ! # ! # p:i didn't match anything but interface for pass rules ! # p didn't match anything for pass rules ! # p:i* matched a pass rule, not checking anything but interface ! # b:i didn't match anything but interface for block rules ! # ! # b:i*pass ip 40(20) 6 192.168.1.3,4543 > 194.212.121.212,25 ! # ! # matched a block rule, not checking anything but interface # # run with: sudo ipf -Fa -f <this file> # monitor with: sudo ipmon + # ruleset with counts (e.g. out): ipfstat -ho import ark.error *************** *** 74,77 **** --- 86,90 ---- block in all block out log all + # Note: logging blocked in pkts is pretty verbose # #------------------------------------------------------- |
