- 論壇徽章:
- 0
|
請問如果用下面的這個代碼代理客戶機上網(wǎng)!
ext_if="fxp1"
int_if="fxp0"
udp_server="{53,22}"
nat on fxp1 from 192.168.1.0/24 to any ->51.143.182.38
pass out on $ext_if proto udp from any to any port $udp_server keep state
block drop out quick on fxp0 from 192.168.1.17 to any
block drop out quick on fxp0 from 192.168.1.21 to any
block drop out quick on fxp0 from 192.168.1.10 to any
這樣是否可以禁用17 21 10這三臺IP地址的主機上網(wǎng)!!!
感覺用IPFW實現(xiàn)非常好寫!
如果不重新啟動機器,是否可以使用#pfctl -f /etc/pf.conf
來重新載入pf.conf編寫好的規(guī)則!
[ 本帖最后由 zb77510 于 2006-12-21 22:55 編輯 ] |
|
免費注冊
發(fā)表于 2006-12-21 22:53
發(fā)表于 2006-12-22 08:20