Last active
November 25, 2018 13:56
-
-
Save dmarov/84fb3789f2b79f66cf95e215902e72a1 to your computer and use it in GitHub Desktop.
ipfw firewall
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| ipfw -q -f flush | |
| # __________ | |
| # | | | |
| # | rpi | | |
| # |__________| | |
| # ue0 | |
| # | 192.168.1.100 | |
| # 192.168.1.0/24 | | |
| # | 192.168.1.1 | |
| # ___bge0___ | |
| # | | | |
| # | acer | | |
| # |__________| | |
| # wlan0 | |
| # | 192.168.0.103 | |
| # 192.168.0.0/24 | | |
| # | 192.168.0.1 | |
| # ____?_____ | |
| # | | | |
| # | dlink | | |
| # |__________| | |
| # ? | |
| # | | |
| # | | |
| # isp | |
| # | |
| cmd="ipfw -q" | |
| ext_if="wlan0" | |
| loop_if="lo0" | |
| int_if="bge0" | |
| ext_net="192.168.0.0/24" | |
| int_net="192.168.1.0/24" | |
| $cmd nat 1 config if $ext_if same_ports | |
| $cmd add 00100 allow all from any to any via $loop_if | |
| $cmd add 00100 allow all from any to $int_net via $int_if | |
| $cmd add 00100 nat 1 all from any to any | |
| $cmd add 00100 deny all from any to any |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment