7
IP Filter Quickstart Guide
source link: https://www.vultr.com/docs/ipfilter-quickstart-guide
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
<?xml encoding="utf-8" ??>
IP Filter (commonly referred to as ipf) is an open-source firewall available on several operating systems, including FreeBSD, NetBSD, OpenBSD, and Solaris. IPFILTER is included in the basic FreeBSD install as a kernel loadable module. This quickstart guide provides a few helpful commands and techniques to assist debugging IPFilter.
Start ipf
# service ipfilter start
View the active packet filtering ruleset
ipfstat -io
Remove all filtering rules from the ruleset
ipf -F a
Stop ipf
# service ipfilter stop
Example: Allow SSH, deny all other
Add the following to /etc/ipf.conf for a trivial firewall that blocks everything except SSH (port 22) for an example IP 192.0.2.123.
block in on any all
pass in quick on any proto tcp from any to 192.0.2.123/32 port = 22 keep state
More Information
See the ipf documentation for more details.
Want to contribute?
You could earn up to $600 by adding new articles
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK