Diffstat (limited to 'config/obr/pf.conf')
-rw-r--r-- | config/obr/pf.conf | 41 |
1 files changed, 35 insertions, 6 deletions
diff --git a/config/obr/pf.conf b/config/obr/pf.conf
index 0640334..8cc7c3f 100644
--- a/config/obr/pf.conf
+++ b/config/obr/pf.conf
@@ -26,7 +26,7 @@ eurobuild3 = 192.168.1.12
 eurobuild4 = 192.168.1.18
 eurobuild5 = 192.168.1.21
 eurobuild6 = 192.168.1.34
-euroweb2 = 192.168.1.22
+eurobuild3pfreymewa = 192.168.1.41
 eurodata = 192.168.1.9
 euroweb = 192.168.1.15
 euromac = 192.168.1.20
@@ -89,6 +89,33 @@ block quick from <bruteforce>
 pass in on $ext_if proto tcp from any to ($ext_if) port ssh keep state \
 (max-src-conn 5, max-src-conn-rate 10/20, overload <bruteforce> \
 flush global)
+pass in on $ext_if proto tcp from any to ($ext_if) port 2221 keep state \
+ (max-src-conn 5, max-src-conn-rate 10/20, overload <bruteforce> \
+ flush global)
+pass in on $ext_if proto tcp from any to ($ext_if) port 2222 keep state \
+ (max-src-conn 5, max-src-conn-rate 10/20, overload <bruteforce> \
+ flush global)
+pass in on $ext_if proto tcp from any to ($ext_if) port 2223 keep state \
+ (max-src-conn 5, max-src-conn-rate 10/20, overload <bruteforce> \
+ flush global)
+pass in on $ext_if proto tcp from any to ($ext_if) port 2224 keep state \
+ (max-src-conn 5, max-src-conn-rate 10/20, overload <bruteforce> \
+ flush global)
+pass in on $ext_if proto tcp from any to ($ext_if) port 2225 keep state \
+ (max-src-conn 5, max-src-conn-rate 10/20, overload <bruteforce> \
+ flush global)
+pass in on $ext_if proto tcp from any to ($ext_if) port 2226 keep state \
+ (max-src-conn 5, max-src-conn-rate 10/20, overload <bruteforce> \
+ flush global)
+pass in on $ext_if proto tcp from any to ($ext_if) port 2227 keep state \
+ (max-src-conn 5, max-src-conn-rate 10/20, overload <bruteforce> \
+ flush global)
+pass in on $ext_if proto tcp from any to ($ext_if) port 2228 keep state \
+ (max-src-conn 5, max-src-conn-rate 10/20, overload <bruteforce> \
+ flush global)
+pass in on $ext_if proto tcp from any to ($ext_if) port 2229 keep state \
+ (max-src-conn 5, max-src-conn-rate 10/20, overload <bruteforce> \
+ flush global)
 # allow everything on the bridge
 pass on $DMZ_if all
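Review bot: The connection limits on the nine added rules most likely never apply to the forwarded SSH ports, because pf acts on the last matching rule and the `rdr-to` rules for the same ports come later in the file (the hunk at old line 113) with no `quick` and no state options; the rules between the two hunks are not visible here, so this is worth confirming with `pfctl -sr` and a test connection. The limits belong on the redirect rules themselves, e.g. `pass in on $ext_if proto tcp from any to port 2221 rdr-to $euroweb port 22 keep state (max-src-conn 5, max-src-conn-rate 10/20, overload <bruteforce> flush global)`. The same commit comments out the redirects for 2222 and 2224-2227, and no redirect for 2229 is visible, so those six rules only open ports on the firewall's own address and should be dropped. The remaining ports can share one rule through a port list such as `port { 2221 2223 2228 }` instead of nine copies of the same three lines.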
@@ -113,15 +140,17 @@ pass out on $int_if inet proto tcp to $eurodata port 21 user _ftp_proxy
 pass in on $ext_if inet proto tcp to port 2121 divert-to 127.0.0.1 port 8022
 pass out on $int_if inet proto tcp to $eurobuild3 port 2121 user _ftp_proxy
 pass in on $ext_if proto tcp from any to port 2221 rdr-to $euroweb port 22
-pass in on $ext_if proto tcp from any to port 2222 rdr-to $eurodata port 22
+#pass in on $ext_if proto tcp from any to port 2222 rdr-to $eurodata port 22
 pass in on $ext_if proto tcp from any to port 2223 rdr-to $eurobuild3 port 22
-pass in on $ext_if proto tcp from any to port 2224 rdr-to $eurobuild4 port 22
-pass in on $ext_if proto tcp from any to port 2225 rdr-to $eurobuild5 port 22
-pass in on $ext_if proto tcp from any to port 2226 rdr-to $euromac port 22
-pass in on $ext_if proto tcp from any to port 2227 rdr-to $euroweb2 port 22
+#pass in on $ext_if proto tcp from any to port 2224 rdr-to $eurobuild4 port 22
+#pass in on $ext_if proto tcp from any to port 2225 rdr-to $eurobuild5 port 22
+#pass in on $ext_if proto tcp from any to port 2226 rdr-to $euromac port 22
+#pass in on $ext_if proto tcp from any to port 2227 rdr-to $eurobuild3pfreymewa port 22
 pass in on $ext_if proto tcp from any to port 2228 rdr-to $eurobuild6 port 22
 pass in on $ext_if proto tcp from any to port 5999 rdr-to $euromac port 5900
 pass in on $ext_if proto tcp from any to port 5900:5998 rdr-to $eurobuild3
+pass in on $ext_if proto tcp from any to port 5912 rdr-to $eurobuild6 port 5902
+pass in on $ext_if proto tcp from any to port 5914 rdr-to $eurobuild6 port 5904
 pass in on $ext_if proto tcp from any to port 6881:6889 rdr-to $eurobuild3
 pass in on $ext_if proto tcp from any to port 9981:9982 rdr-to $eurobuild3
 pass in on $ext_if proto tcp from any to port 8080 rdr-to $eurobuild3 |
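Review bot: The two added redirects for ports 5912 and 5914 accept `from any` and forward to what look like VNC displays on $eurobuild6 (inferred from the 5902/5904 targets), with no source restriction and no connection limit. Since port 2228 already forwards SSH to the same host, tunnelling the displays over that SSH session would avoid exposing them at all. If they must stay reachable, restrict the source, e.g. `pass in on $ext_if proto tcp from <admin_hosts> to port 5912 rdr-to $eurobuild6 port 5902`, where `<admin_hosts>` is a placeholder table name. Both ports also fall inside the existing `5900:5998` range sent to $eurobuild3 and only take effect because they come after it, so a comment such as `# must follow the 5900:5998 rule: last match wins` would protect the ordering. The four commented-out redirects are better deleted, since the history already records them.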