diff options
| author | dm <dm@cvs.openbsd.org> | 1996-01-09 09:29:53 +0000 |
|---|---|---|
| committer | dm <dm@cvs.openbsd.org> | 1996-01-09 09:29:53 +0000 |
| commit | 580705fd00c4c825c1b4c8f99a3b5e13b1ca7334 (patch) | |
| tree | a57a5d4077ccee71d613431cdc380a9bc86ff960 /share/ipf/example.10 | |
| parent | 62bcfe4fb97a3c16cd569d6957f3cd6e9b73e8a1 (diff) | |
added IP filter to netstat/rc and put examples in /usr/share/ipf
Diffstat (limited to 'share/ipf/example.10')
| -rw-r--r-- | share/ipf/example.10 | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/share/ipf/example.10 b/share/ipf/example.10 new file mode 100644 index 00000000000..477c2e071a0 --- /dev/null +++ b/share/ipf/example.10 @@ -0,0 +1,12 @@ +# +# pass ack packets (ie established connection) +# +pass in proto tcp 10.1.0.0/16 port = 23 10.2.0.0/16 flags A/A +pass out proto tcp 10.1.0.0/16 port = 23 10.2.0.0/16 flags A/A +# +# block incoming connection requests to my internal network from the big bad +# internet. +# +block in on le0 proto tcp from any to 10.1.0.0/16 flags S/SA +# to block the replies: +block out on le0 proto tcp from 10.1.0.0 to any flags SA/SA |