设为首页收藏本站

LinuxSir.cn,穿越时空的Linuxsir!

 找回密码
 注册
搜索
热搜: shell linux mysql
LinuxSir.cn,穿越时空的Linuxsir!»论坛 Unix 技术讨论区 —— LinuxSir.cn BSD 讨论专题 Why this ipf rule does not work?
返回列表 发新帖
查看: 641|回复: 0

Why this ipf rule does not work?

[复制链接]
edwardj
发表于 2003-8-20 20:49:45 | 显示全部楼层 |阅读模式
ipf 3.4.31,规则如下:

  2.   @1 pass out from any to any
  3.   @1 pass in from any to any
  4.   @2 block return-rst in log quick proto tcp from any to any port 135 >< 139
  5.   @3 block return-rst in log quick proto tcp from any to any port = 445
  6.   @4 block return-icmp-as-dest(port-unr) in log quick proto udp from any to any port 135 >< 139
  7.   @5 block return-icmp-as-dest(port-unr) in log quick proto udp from any to any port = 445
复制代码

偶发现这条规则不起作用:

  2.   @2 block return-rst in log quick proto tcp from any to any port 135 >< 139
复制代码

如果把上面那条规则改成如下5条单独的规则,工作正常。

  2.   block return-rst in log quick proto tcp from any to any port 135
  3.   block return-rst in log quick proto tcp from any to any port 136
  4.   block return-rst in log quick proto tcp from any to any port 137
  5.   block return-rst in log quick proto tcp from any to any port 138
  6.   block return-rst in log quick proto tcp from any to any port 139
复制代码


而同样使用Port range,这条规则就可以

  2.   @4 block return-icmp-as-dest(port-unr) in log quick proto udp from any to any port 135 >< 139
复制代码

难道Port range对TCP规则无效?
回复

使用道具 举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 注册

本版积分规则

快速回复 返回顶部 返回列表