RU/2: Форум. Общение пользователей и разработчиков OS/2 (eCS). : Ответить на сообщение

Имя:
e-mail:
FIDO:
Home page:
сохранить данные о вас

Тема:

> Тогда раскритикуйте, плиз, то, что я выстрадал. А еще лучше - надавайте ценных советов.
> Дано:
> 84.242.6.83 - аврора, смотрящая в инет.
> 192.168.0.1 - она же, смотрящая в квартиру
> 192.168.0.2 и 192.168.0.3 - настольная ХР и прикроватный бук
> 
> ---fwfltrs.cnf begin---
> #Local net
> permit 0.0.0.0 0 0.0.0.0 0 all any 0 any 0 non-secure both both l=no f=yes t=0
> 
> #HTTP, HTTPS request
> permit 84.242.6.83 255.255.255.255 0.0.0.0 0.0.0.0 tcp any 0 eq 80 secure both outbound l=no f=yes t=0
> permit 84.242.6.83 255.255.255.255 0.0.0.0 0.0.0.0 tcp any 0 eq 443 secure both outbound l=no f=yes t=0
> 
> #FTP request
> permit 84.242.6.83 255.255.255.255 0.0.0.0 0.0.0.0 tcp any 0 eq 21 secure local outbound l=no f=yes t=0
> permit 192.168.0.0 255.255.255.0 0.0.0.0 0.0.0.0 tcp any 0 eq 21 secure route outbound l=no f=yes t=0
> permit 192.168.0.0 255.255.255.0 0.0.0.0 0.0.0.0 tcp any 0 ge 40000 secure route outbound l=no f=yes t=0
> 
> #ICQ request
> permit 84.242.6.83 255.255.255.255 0.0.0.0 0.0.0.0 tcp any 0 eq 5190 secure local outbound l=no f=yes t=0
> permit 192.168.0.0 255.255.255.0 0.0.0.0 0.0.0.0 tcp any 0 eq 5190 secure route outbound l=no f=yes t=0
> 
> #IRC request
> permit 84.242.6.83 255.255.255.255 0.0.0.0 0.0.0.0 tcp any 0 eq 6667 secure local outbound l=no f=yes t=0
> permit 192.168.0.0 255.255.255.0 0.0.0.0 0.0.0.0 tcp any 0 eq 6667 secure route outbound l=no f=yes t=0
> 
> #HTTP, HTTPS, FTP, ICQ, IRC answer
> permit 0.0.0.0 0.0.0.0 192.168.0.0 255.255.255.0 tcp/ack any 0 any 0 secure route inbound l=no f=no t=0
> permit 0.0.0.0 0.0.0.0 84.242.6.83 255.255.255.255 tcp/ack any 0 any 0 secure local inbound l=yes f=yes t=0
> 
> #IDENT
> permit 0.0.0.0 0.0.0.0 84.242.6.83 255.255.255.255 tcp any 0 eq 113 secure local inbound l=no f=yes t=0
> permit 84.242.6.83 255.255.255.255 0.0.0.0 0.0.0.0 tcp/ack eq 113 any 0 secure local outbound l=no f=yes t=0
> 
> #DNS
> permit 84.242.6.83 255.255.255.255 0.0.0.0 0.0.0.0 udp any 0 eq 53 secure local outbound l=no f=yes t=0
> permit 192.168.0.0 255.255.255.0 0.0.0.0 0.0.0.0 udp any 0 eq 53 secure route outbound l=no f=yes t=0
> permit 0.0.0.0 0.0.0.0 84.242.6.83 255.255.255.255 udp eq 53 any 0 secure local inbound l=no f=yes t=0
> permit 0.0.0.0 0.0.0.0 192.168.0.0 255.255.255.0 udp eq 53 any 0 secure route inbound l=no f=yes t=0
> 
> #Time
> permit 84.242.6.83 255.255.255.255 0.0.0.0 0.0.0.0 udp any 0 eq 37 secure local outbound l=no f=yes t=0
> permit 192.168.0.0 255.255.255.0 0.0.0.0 0.0.0.0 udp any 0 eq 37 secure route outbound l=no f=yes t=0
> permit 0.0.0.0 0.0.0.0 84.242.6.83 255.255.255.255 udp eq 37 any 0 secure local inbound l=no f=yes t=0
> permit 0.0.0.0 0.0.0.0 192.168.0.0 255.255.255.0 udp eq 37 any 0 secure route inbound l=no f=yes t=0
> 
> #Mail
> permit 192.168.0.0 255.255.255.0 0.0.0.0 0.0.0.0 tcp any 0 eq 110 secure route outbound l=no f=yes t=0
> permit 0.0.0.0 0.0.0.0 192.168.0.0 255.255.255.0 tcp eq 110 any 0 secure route inbound l=no f=yes t=0
> permit 192.168.0.0 255.255.255.0 0.0.0.0 0.0.0.0 tcp any 0 eq 25 secure route outbound l=no f=yes t=0
> permit 0.0.0.0 0.0.0.0 192.168.0.0 255.255.255.0 tcp eq 25 any 0 secure route inbound l=no f=yes t=0
> 
> #ICMP
> permit 84.242.6.253 255.255.255.255 84.242.6.83 255.255.255.255 icmp eq 8 any 0 secure local inbound l=no f=yes t=0
> permit 192.168.92.253 255.255.255.255 84.242.6.83 255.255.255.255 icmp eq 8 any 0 secure local inbound l=no f=yes t=0
> permit 0.0.0.0 0.0.0.0 84.242.6.83 255.255.255.255 icmp any 0 any 0 secure both inbound l=yes f=yes t=0
> permit 84.242.6.83 255.255.255.255 0.0.0.0 0.0.0.0 icmp any 0 any 0 secure both outbound l=yes f=yes t=0
> 
> deny 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 all eq 135 any 0 secure both both l=no f=yes t=0
> deny 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 all eq 137 any 0 secure both both l=no f=yes t=0
> deny 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 all eq 138 any 0 secure both both l=no f=yes t=0
> deny 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 all eq 139 any 0 secure both both l=no f=yes t=0
> deny 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 all eq 445 any 0 secure both both l=no f=yes t=0
> 
> deny 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 udp any 0 any 0 secure both outbound l=yes f=yes t=0
> deny 0.0.0.0 0.0.0.0 255.255.255.255 255.255.255.255 udp any 0 any 0 secure local inbound l=no f=yes t=0
> deny 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 udp any 0 any 0 secure both both l=no f=yes t=0
> 
> deny 194.109.21.230 255.255.255.255 84.242.6.83 255.255.255.255 all any 0 any 0 both both both l=no f=yes t=0
> 
> deny 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 all any 0 any 0 both both both l=yes f=yes t=0
> ---fwfltrs.cnf end---
>

_, __, _, __, /_\ \|_) /_\ \|_) \| \| \| \| \| \| \ ~ ~ ~ ~ ~ ~ ~