Created
February 2, 2011 15:38
-
-
Save pawellenart/807861 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| interface="sis0" | |
| primary_ip="94.23.4.157" | |
| secondary_ip="87.98.236.112" | |
| machine_ips="{" $primary_ip $secondary_ip "}" | |
| table <bad_hosts> | |
| block in log all | |
| # ruch do maszyny | |
| pass in on $interface proto tcp from any to $machine_ips port 21 keep state flags S/SA | |
| pass in on $interface proto tcp from any to $machine_ips port 25 keep state flags S/SA | |
| pass in on $interface proto { tcp, udp } from any to $machine_ips port 53 keep state flags S/SA | |
| pass in on $interface proto tcp from any to $machine_ips port 80 keep state flags S/SA | |
| pass in on $interface proto tcp from any to $machine_ips port 113 keep state flags S/SA | |
| pass in on $interface proto tcp from any to $machine_ips port 465 keep state flags S/SA | |
| pass in on $interface proto tcp from any to $machine_ips port 753 keep state flags S/SA | |
| pass in on $interface proto tcp from any to $machine_ips port 995 keep state flags S/SA | |
| pass in on $interface proto tcp from any to $machine_ips port 3380 keep state flags S/SA | |
| pass in on $interface proto tcp from any to $machine_ips port 5222 keep state flags S/SA | |
| pass in on $interface proto tcp from any to $machine_ips port 5223 keep state flags S/SA | |
| pass in on $interface proto tcp from any to $machine_ips port 5269 keep state flags S/SA | |
| pass in on $interface proto tcp from any to $machine_ips port 5280 keep state flags S/SA | |
| pass in on $interface proto tcp from any to $machine_ips port 5237 keep state flags S/SA | |
| pass in on $interface proto tcp from any to $machine_ips port 9000:9001 keep state flags S/SA | |
| pass in on $interface proto tcp from any to $machine_ips port 30000:50000 keep state flags S/SA | |
| pass in on $interface proto tcp from any to $machine_ips port 50001:50050 keep state flags S/SA | |
| # pingi maszyny | |
| pass in on $interface proto icmp from any to $machine_ips | |
| # ruch na zewnątrz | |
| pass out all | |
| block out on $interface proto tcp from any to 94.125.182.253 # irc.atw-inter.net | |
| block out on $interface proto tcp from any to 195.68.250.21 # ircnet.optilian.net | |
| block out quick on $interface from any to 62.4.23.42 # ircnet.nerim.fr | |
| block out quick on $interface from any to 94.125.182.253 # us.ircnet.org | |
| block out quick on $interface from any to 208.51.40.14 # us.ircnet.org | |
| block out quick on $interface from any to 209.222.22.44 # ircnet.choopa.net | |
| block out quick on $interface from any to 208.51.40.12 # ircnet.eversible.com | |
| pass on lo0 all | |
| block quick log from <bad_hosts> | |
| # blokowanie ataków na POP3(S) | |
| pass in on $interface proto tcp to $machine_ips port 110 keep state (max-src-conn-rate 15/60, overload <bad_hosts> flush global) | |
| pass in on $interface proto tcp to $machine_ips port 995 keep state (max-src-conn-rate 15/60, overload <bad_hosts> flush global) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment