[IPFW] Anti GM MODE

Deci nu la toti va reuseste gm mode ipfw.
Azi o sa va explic cum sa-l setati.
Pasul 1.
Deschidem rc.conf.Introducem:

Cod:

firewall_enable="YES"
firewall_script="/usr/local/etc/ipfw.rules"

Salvam , Si uploadam pe server.
PS: rc.conf se gaseste in /etc
Pasul 2.
Mergem in locatia

Cod:

 /usr/local/etc .

Numele scriptului este ipfw.rules . Asta trebuie urcat
Daca aveti scriptu deja setat il urcati.
Daca nu intrati in el si inlocuiti ip-ul cu cel .100
PS: Daca nu aveti acel fisier ipfw.rules in /usr/local/etc il creati si puneti in el codul de mai jos , dar ip-ul sa fie modificat cu cel .100 (in codul de mai jos)
Un script simplu si cred ca eficient:

Cod:

IPF="ipfw -q add"
ipfw -q -f flush


$IPF 500 allow all from any to any
$IPF 1 allow all from IP.100 to any


$IPF 10 allow all from any to any via lo0



$IPF 50 check-state
$IPF 60 allow tcp from any to any established
$IPF 70 allow all from any to any out keep-state
$IPF 80 allow icmp from any to any



$IPF 220 deny all from any to any 14000 in

$IPF 240 deny all from any to any 14001 in

$IPF 260 deny all from any to any 14002 in

$IPF 280 deny all from any to any 14003 in

$IPF 300 deny all from any to any 14004 in

$IPF 340 deny all from any to any 14061 in

$IPF 450 deny all from any to any 14099 in

$IPF 460 deny all from any to any 12001 in

##################################################



Pasul 3 .
Dupa ce uploadam totul dam reboot.
Ne-am logat pe server (root) . Scriem:

Cod:

/etc/rc.d/ipfw restart