FreeBSD Bugzilla – Attachment 166833 Details for
Bug 207080
pfctl crash when load pf.conf, libc/resolv problem ?
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
pf.conf file
pf.conf.anon (text/plain), 32.89 KB, created by
fabrice.bruel
on 2016-02-10 15:54:20 UTC
(
hide
)
Description:
pf.conf file
Filename:
MIME Type:
Creator:
fabrice.bruel
Created:
2016-02-10 15:54:20 UTC
Size:
32.89 KB
patch
obsolete
> > > > > > > > > > > > > > > > > > >macro0 = "bge0" >macro1 = "vlan20" >macro2 = "vlan950" >macro3 = "vlan952" >macro4 = "vlan120" >macro5 = "vlan3050" >macro6 = "vlan953" >macro7 = "em2" > >macro8 = "tag auth_packet keep state" > > > > > > >macro9 = "{250.140.33.188/32 228.110.21.251/32}" >macro10 = "95.159.52.90/31" > > >macro11 = "217.91.107.99/30" > > >macro12 = "231.246.188.12/28" >macro13 = "196.93.41.102/28" >macro14 = "184.175.234.16/28" >macro15 = "226.8.108.114/29" > >macro16 = "240.15.253.37/28" > >macro17 = "176.91.118.127/32" >macro18 = "40.16.106.81/32" > >macro19 = "230.63.118.132/31" > > > >macro20 = "143.134.66.74/23 26.92.228.40/27 192.222.145.130/26 59.232.248.191/29 85.24.42.119/27" > >macro21 = "93.134.130.112/24 216.200.156.44/24 1.35.124.80/24" > > > >macro22 = "100.29.10.120/28" >macro23 = "50.179.212.43/31" > >macro24 = "138.115.50.45/25" >macro25 = "130.67.73.147/32" >macro26 = "211.12.73.216/32" >macro27 = "180.20.150.227/32" >macro28 = "14.87.44.97/31" >macro29 = "114.208.247.201/32" > > > >macro30 = "61.1.18.134/31" >macro31 = "21.183.179.14/31 203.82.30.201/32" >macro32 = "211.86.87.84/31 213.189.19.66/32" >macro33 = "34.245.132.161/31 44.125.13.77/31" >macro34 = "65.41.72.189/31" >macro35 = "186.201.69.24/31" >macro36 = "34.224.135.113/31" > > >macro37 = "100.17.210.151/30 214.109.123.19/30" >macro38 = "116.151.230.134/31" >macro39 = "209.72.34.234/31" > >macro40 = "235.93.16.185/31" >macro41 = "244.8.42.59/31" >macro42 = "193.224.38.29/32" >macro43 = "99.8.51.26/31" >macro44 = "66.29.183.134/32 150.63.56.113/32" > > > >macro45 = "44.154.46.155/32 222.140.110.21/32" >macro46 = "59.179.153.211/32 14.56.102.247/32 8.43.135.243/32" >macro47 = "62.212.216.45/32 239.27.111.22/32 62.153.114.176/32" > > > >macro48 = "209.206.11.177/32" >macro49 = "30.99.214.136/32" >macro50 = "16.135.74.8/32" >macro51 = "185.248.72.52/32" >macro52 = "25.81.206.151/32" >macro53 = "240.216.159.7/32 64.16.112.78/32 90.223.184.134/32 84.135.208.148/32 243.50.24.142/32" >macro54 = "153.224.12.70/26" >macro55 = "52.145.69.151/32" >macro56 = "105.43.70.76/32" >macro57 = "104.224.81.38/32" >macro58 = "167.194.50.114/32" >macro59 = "2.216.249.31/32" > >macro60 = "185.15.206.210/32" >macro61 = "198.57.61.122/32 87.254.25.52/32" > >macro62 = "96.127.105.132/32" > > > > > >macro63 = "236.198.251.99/32 236.241.87.179/32 183.230.157.203/32 126.79.61.227/32 235.49.227.46/32 " >macro64 = "132.157.61.176/32" >macro65 = "149.142.95.190/32" >macro66 = "25.165.250.103/32 173.147.174.126/32" >macro67 = "30.122.151.34/32 55.127.22.43/32" >macro68 = "226.3.217.115/32" >macro69 = "196.37.95.215/32 187.223.176.0/32 208.101.224.160/32" >macro70 = "177.30.227.121/32" >macro71 = "234.53.66.217/32" >macro72 = "203.53.168.103/32" >macro73 = "110.13.193.139/32 23.105.168.82/32" >macro74 = "218.95.180.240/31 203.69.40.215/32 122.53.119.72/32" >macro75 = "49.14.77.133/32 64.105.73.46/32" >macro76 = "27.59.233.80/32" >macro77 = "11.243.111.98/32 225.195.178.219/32" >macro78 = "155.186.111.216/32" >macro79 = "168.184.159.215/32 167.203.132.170/32" >macro80 = "189.22.2.29/32" >macro81 = "76.152.23.133/32 138.198.239.101/32" >macro82 = "49.167.181.18/32 87.251.222.225/32 41.136.6.194/32" > >macro83 = "177.143.144.53/27 29.76.25.127/25" > > > > >macro84 = "190.200.5.202/27" > > > > > > >macro85 = "94.136.220.175/23 62.38.212.246/23" >macro86 = "44.21.181.14/23 78.224.25.145/23" >macro87 = "115.3.232.17/32" > > > > > > > > > >macro88 = "vlan200" >macro89 = "36.202.24.123/28" >macro90 = "73.233.251.103/30 53.190.235.191/29 169.169.87.171/28" > > > > > >macro91 = "vlan201" >macro92 = "49.102.227.178/28" >macro93 = "73.212.18.37/30 61.41.125.4/29 37.155.101.0/29" > > > > > > >macro94 = "vlan202" >macro95 = "155.68.198.41/28" >macro96 = "158.167.40.117/30 200.176.118.111/29 128.135.138.172/29" > >macro97 = "170.38.34.95/31" > >macro98 = "83.144.141.107/31" > > > > > > >macro99 = "vlan220" >macro100 = "16.201.244.17/26" >macro101 = "201.172.218.21/30 40.78.131.157/29 206.146.50.169/28 7.39.215.183/27 10.224.5.22/28 151.28.51.39/28 55.56.216.96/32 122.29.220.217/28 192.15.179.214/28 127.67.20.230/27 119.6.29.204/29 91.58.80.234/29 13.210.54.16/27 " > >macro102 = "45.211.24.2/30 70.112.16.169/29 50.93.30.137/30" > >macro103 = "107.13.176.80/30 189.134.182.228/29 161.104.27.61/29" > >macro104 = "58.230.113.103/30" > >macro105 = "47.180.75.25/32 104.18.82.181/32" > >macro106 = "167.191.94.5/31 166.236.75.207/31" > >macro107 = "47.51.0.218/32 60.117.102.71/32" > > > > > >macro108 = "vlan221" >macro109 = "187.237.189.28/27" >macro110 = "0.108.169.27/30 71.9.32.42/29 221.116.225.240/28 103.5.86.221/28 173.243.55.149/27 171.142.160.182/28" > >macro111 = "249.203.47.229/30 99.216.14.107/29 9.66.140.132/30" > > > > > > > >macro112 = "vlan222" >macro113 = "41.22.186.220/27" >macro114 = "98.186.151.251/30 172.166.113.10/29 161.200.137.106/28 197.187.147.224/29 36.248.44.236/29 165.192.24.140/29 122.27.80.170/29 125.157.205.29/29 4.65.82.135/29 148.10.64.51/29 118.174.207.42/29 " > >macro115 = "233.98.89.192/32 39.227.153.102/31 22.80.94.180/29" > >macro116 = "62.124.17.149/31" > >macro117 = "31.50.209.229/31 221.49.139.14/32 " > >macro118 = "52.193.197.105/32" > >macro119 = "68.99.140.94/32 28.143.65.20/31 " > >macro120 = "217.157.131.154/32" > >macro121 = "87.16.187.187/32" > >macro122 = "191.97.79.176/32" > >macro123 = "120.180.37.130/31 58.225.205.84/32" > > > > > >macro124 = "vlan230" >macro125 = "58.10.128.90/27" >macro126 = "196.251.191.209/30 75.106.249.164/29 62.144.153.207/28 128.172.52.218/28 204.116.39.186/27 " > > > > > > >macro127 = "vlan231" >macro128 = "103.108.184.219/26" >macro129 = "142.223.126.127/30 189.253.158.181/29 74.153.115.229/28 103.214.252.80/27 90.143.151.212/26" > > > > > >macro130 = "vlan232" >macro131 = "233.56.49.216/29" >macro132 = "56.89.198.152/30" > >macro133 = "43.65.207.82/32 206.54.134.70/29" > > > > > >macro134 = "vlan240" >macro135 = "169.11.226.57/26" >macro136 = "163.101.191.27/30 191.105.62.204/29 155.100.206.243/28 219.249.169.23/27 172.130.164.179/28 207.156.67.149/28 137.91.96.180/27 83.46.179.229/29" > >macro137 = "126.99.203.83/30 31.74.169.187/29" > >macro138 = "88.74.76.183/29 172.50.182.10/29" > >macro139 = "53.29.239.68/32" > > > > > >macro140 = "vlan250" >macro141 = "163.99.220.17/27" >macro142 = "105.84.240.23/30 177.108.216.219/29 183.151.78.78/28 59.113.240.141/28 233.211.24.5/29 179.100.29.159/29" > >macro143 = "247.141.188.30/31 47.147.53.91/31" > > > > > >macro144 = "vlan251" >macro145 = "130.139.211.106/26" >macro146 = "191.13.96.102/30 36.246.11.225/29 215.193.38.156/28 202.205.28.25/27 177.168.54.8/29 173.249.111.112/29 52.6.163.49/29 240.205.116.249/29 121.20.62.166/27 77.174.199.100/29 60.144.158.35/29" > >macro147 = "94.135.26.210/32 18.111.209.106/31" > > > > > > >macro148 = "vlan260" >macro149 = "68.103.231.0/28" >macro150 = "51.207.189.117/30 86.10.134.133/29 8.130.8.109/29" > >macro151 = "162.56.74.210/30 100.254.167.112/29" > > > > > > >macro152 = "vlan261" >macro153 = "191.17.70.226/28" >macro154 = "148.85.126.2/30 61.235.224.91/29 235.192.223.190/29" > >macro155 = "166.46.101.136/30" > > > > > > >macro156 = "vlan299" >macro157 = "144.208.104.193/27" >macro158 = "161.191.196.54/30 130.193.133.230/29 41.237.2.72/28" > > > > > > > > >table <table0> const { self } > > > > > >table <table1> persist file "/etc/pf/table1.def" > > >table <table2> persist file "/etc/pf/table2.def" >table <table3> persist file "/etc/pf/table3.def" >table <table4> persist file "/etc/pf/table4.def" >table <table5> persist file "/etc/pf/table5.def" >table <table6> persist file "/etc/pf/table6.def" >table <table7> persist file "/etc/pf/table7.def" >table <table8> persist file "/etc/pf/table8.def" >table <table9> persist file "/etc/pf/table9.def" >table <table10> persist file "/etc/pf/table10.def" >table <table11> persist file "/etc/pf/table11.def" >table <table12> persist file "/etc/pf/table12.def" >table <table13> persist file "/etc/pf/table13.def" >table <table14> persist file "/etc/pf/table14.def" >table <table15> persist file "/etc/pf/table15.def" >table <table16> persist file "/etc/pf/table16.def" >table <table17> persist file "/etc/pf/table17.def" >table <table18> persist file "/etc/pf/table18.def" >table <table19> persist file "/etc/pf/table19.def" >table <table20> persist file "/etc/pf/table20.def" >table <table21> persist file "/etc/pf/table21.def" >table <table22> persist file "/etc/pf/table22.def" >table <table23> persist file "/etc/pf/table23.def" >table <table24> persist file "/etc/pf/table24.def" >table <table25> persist file "/etc/pf/table25.def" >table <table26> persist file "/etc/pf/table26.def" >table <table27> persist file "/etc/pf/table27.def" >table <table28> persist file "/etc/pf/table28.def" >table <table29> persist file "/etc/pf/table29.def" >table <table30> persist file "/etc/pf/table30.def" >table <table31> persist file "/etc/pf/table31.def" >table <table32> persist file "/etc/pf/table32.def" > > >table <table33> persist file "/etc/pf/table33.def" >table <table34> persist file "/etc/pf/table34.def" > > >table <table35> persist file "/etc/pf/table35.def" >table <table36> persist file "/etc/pf/table36.def" >table <table37> persist file "/etc/pf/table37.def" >table <table38> persist file "/etc/pf/table38.def" >table <table39> persist file "/etc/pf/table39.def" >table <table40> persist file "/etc/pf/table40.def" >table <table41> persist file "/etc/pf/table41.def" >table <table42> persist file "/etc/pf/table42.def" >table <table43> persist file "/etc/pf/table43.def" >table <table44> persist file "/etc/pf/table44.def" > > >table <table45> persist file "/etc/pf/table45.def" >table <table46> persist file "/etc/pf/table46.def" >table <table47> persist file "/etc/pf/table47.def" >table <table48> persist file "/etc/pf/table48.def" >table <table49> persist file "/etc/pf/table49.def" >table <table50> persist file "/etc/pf/table50.def" >table <table51> persist file "/etc/pf/table51.def" >table <table52> persist file "/etc/pf/table52.def" >table <table53> persist file "/etc/pf/table53.def" > > >table <table54> persist > > > > >set block-policy drop >set state-policy if-bound >set skip on lo0 >set optimization normal >set timeout { interval 3, frag 3 } >set timeout { tcp.first 120, tcp.opening 30, tcp.established 3600 } >set timeout { tcp.closing 1, tcp.finwait 1, tcp.closed 1 } >set timeout { udp.first 65, udp.single 35, udp.multiple 65 } >set timeout { icmp.first 20, icmp.error 10 } >set timeout { other.first 60, other.single 30, other.multiple 60 } >set timeout { adaptive.start 0, adaptive.end 0 } >set limit { frags 10000, states 1200000 } > > > > > >scrub out all random-id >scrub all fragment reassemble > > > > > >altq on em1 cbq bandwidth 1Gb queue { std, syslog } >queue std bandwidth 999Mb cbq(default) >queue syslog bandwidth 1Mb qlimit 10000 > > > > > > > > > > > >pass out quick tagged auth_packet keep state > > > > > > > > > > >pass out quick on $macro3 proto udp from {$macro9} to { <table7> <table8> } port syslog $macro8 queue syslog > > >pass out quick on $macro3 proto udp from {$macro9} to $macro19 port ntp $macro8 > > >pass in quick on $macro1 proto tcp from <table3> to {$macro9} port { ssh ftp } flags S/SAFR $macro8 >pass in quick on $macro1 proto tcp from <table3> to {$macro9} port > 1023 flags S/SAFR $macro8 >pass in quick on $macro1 proto udp from <table3> to {$macro9} port snmp $macro8 >pass in quick on $macro1 proto icmp from <table3> to {$macro9} icmp-type echoreq $macro8 > > >pass in quick on $macro5 proto tcp from <table4> to { $macro10 } port { ssh } flags S/SAFR $macro8 >pass in quick on $macro5 proto udp from <table4> to { $macro10 } port snmp $macro8 >pass in quick on $macro5 proto icmp from <table4> to { $macro10 } icmp-type echoreq $macro8 >pass in quick on $macro0 proto tcp from <table4> to { $macro10 } port { ssh } flags S/SAFR $macro8 >pass in quick on $macro0 proto udp from <table4> to { $macro10 } port snmp $macro8 >pass in quick on $macro0 proto icmp from <table4> to { $macro10 } icmp-type echoreq $macro8 > >pass out quick proto tcp from { $macro10 } to $macro87 port { https } flags S/SAFR $macro8 > > >pass in quick on $macro1 proto udp from <table6> to {$macro9} port snmp $macro8 >pass in quick on $macro1 proto icmp from <table6> to {$macro9} icmp-type echoreq $macro8 > >pass in quick on $macro3 proto udp from <table2> to { $macro9 } port snmp $macro8 >pass in quick on $macro3 proto icmp from <table2> to { $macro9 } icmp-type echoreq $macro8 > > >pass in quick on $macro3 proto udp from <table33> to {$macro9} port snmp $macro8 > > >pass in quick inet proto icmp from <table2> to <table0> icmp-type echoreq $macro8 > > >pass in quick on $macro1 proto tcp from <table12> to {$macro9} port ssh flags S/SAFR $macro8 >pass in quick on $macro3 proto tcp from <table12> to {$macro9} port ssh flags S/SAFR $macro8 > > > >pass out quick proto icmp from <table0> to { $macro12 $macro13 $macro16 $macro14 $macro20 $macro15 } icmp-type echoreq $macro8 (no-sync) >pass in quick proto icmp from { $macro12 $macro13 $macro16 $macro14 $macro20 $macro15 } to <table0> icmp-type echoreq $macro8 (no-sync) > > >pass quick on $macro7 proto pfsync keep state (no-sync) > > >pass quick on { em0 em1 em3 } proto carp keep state (no-sync) > > > >block in quick log from any to <table0> > > > > > > >pass in quick on $macro2 proto udp from $macro11 to <table8> port syslog $macro8 > > >pass in quick on $macro2 proto udp from $macro11 to $macro19 port ntp $macro8 >pass in quick on $macro2 proto tcp from $macro11 to <table20> port ftp flags S/SAFR $macro8 >pass in quick on $macro2 proto tcp from $macro11 to <table20> port > 1023 flags S/SAFR $macro8 >pass in quick on $macro3 proto tcp from <table20> to $macro11 port > 1023 flags S/SAFR $macro8 > > >pass in quick on $macro3 proto udp from <table33> to { $macro11 } port snmp $macro8 > > >pass in quick on $macro2 proto tcp from $macro11 to <table9> port tacacs flags S/SAFR $macro8 > > >pass in quick on $macro3 proto udp from <table2> to { $macro11 } port snmp $macro8 >pass in quick on $macro3 proto tcp from <table2> to { $macro11 } port telnet flags S/SAFR $macro8 >pass in quick on $macro3 proto icmp from <table2> to { $macro11 } icmp-type echoreq $macro8 > > > >pass in quick on $macro3 proto tcp from <table12> to { $macro11 } port { telnet ssh} flags S/SAFR $macro8 >pass in quick on $macro3 proto icmp from <table12> to { $macro11 } icmp-type echoreq $macro8 > > > > > > > >block in quick log from any to $macro11 > > > > > >pass in quick proto tcp from { $macro20 } to <table35> port { http } flags S/SAFR $macro8 >pass in quick proto tcp from { $macro20 } to <table36> port { http https 5222 } flags S/SAFR $macro8 >pass in quick proto tcp from { $macro20 } to <table37> port { ssh } flags S/SAFR $macro8 >pass in quick proto tcp from { $macro20 } to <table38> port { http 8080 } flags S/SAFR $macro8 >pass in quick proto tcp from { $macro20 } to <table43> port { http } flags S/SAFR $macro8 > > > > > > >pass in quick on $macro1 proto tcp from { <table24> } to { $macro20 } port { ssh 3389 } flags S/SAFR $macro8 > > >pass in quick proto udp from { $macro20 } to <table7> port syslog $macro8 > > >pass in quick proto { udp tcp } from { $macro20 } to <table18> port ntp $macro8 > > >pass in quick on $macro1 proto tcp from <table10> to { $macro20 } port ftp flags S/SAFR $macro8 >pass in quick on $macro1 proto tcp from <table10> to { $macro20 } port > 1023 flags S/SAFR $macro8 >pass in quick proto tcp from { $macro20 } to <table10> port ftp flags S/SAFR $macro8 >pass in quick proto tcp from { $macro20 } to <table10> port > 1023 flags S/SAFR $macro8 > > > > > > > > > > > > > >pass in quick on { $macro1 $macro6 } proto tcp from { $macro21 } to { $macro20 } port { ssh https} flags S/SAFR $macro8 >pass in quick on { $macro1 $macro6 } proto icmp from { $macro21 } to { $macro20 } icmp-type echoreq $macro8 > > > > > > >pass in quick proto tcp from { $macro20 } to { $macro21 $macro20 } port { ssh https} flags S/SAFR $macro8 > >pass in quick proto udp from { $macro20 } to { <table22> } port { 53 } $macro8 >pass in quick proto tcp from { $macro20 } to { <table22> } port { 53 } flags S/SAFR $macro8 > >pass in quick proto tcp from { $macro20 } to { <table25> $macro115 } port { smtp 465 } flags S/SAFR $macro8 > >pass in quick proto tcp from { $macro20 } to <table21> port 636 flags S/SAFR $macro8 > >pass in quick proto tcp from { $macro20 } to { $macro48 } port { https } flags S/SAFR $macro8 > >pass in quick proto icmp from { $macro20 } to { $macro20 $macro21 } icmp-type echoreq $macro8 > > > > > > > >pass in quick on $macro1 proto tcp from { <table26> } to { $macro90 } port { https} flags S/SAFR $macro8 >pass in quick on $macro1 proto tcp from { <table14> <table17> <table16> <table15> } to { $macro90 } port { https } flags S/SAFR $macro8 >pass in quick on $macro1 proto tcp from { <table27> <table28> $macro40 $macro41 $macro25 $macro27 } to { $macro90 } port { https} flags S/SAFR $macro8 > > > > >pass in quick on $macro88 proto tcp from { $macro90 } to { $macro136 $macro101 } port { 8081 >< 8091 } flags S/SAFR $macro8 >pass in quick on $macro88 proto tcp from { $macro90 } to { $macro150 } port { 44861 } flags S/SAFR $macro8 > > > > > > > >pass in quick on $macro1 proto tcp from { <table14> <table17> } to { $macro93 } port { 5432 } flags S/SAFR $macro8 > >pass in quick on $macro1 proto tcp from { $macro37 $macro38 $macro26 $macro24 } to { $macro93 } port { 5432 } flags S/SAFR $macro8 > > > > > > > > > > >pass in quick on $macro1 proto tcp from { <table14> <table17> } to { $macro96 } port { ssh } flags S/SAFR $macro8 > > > >pass in quick on $macro94 proto tcp from { $macro96 } to { $macro22 $macro30 $macro31 $macro32 $macro33 $macro34 $macro35 $macro36 $macro45 $macro20 $macro21 $macro126 $macro129 } port { ssh telnet } flags S/SAFR $macro8 >pass in quick on $macro94 proto tcp from { $macro96 } to { $macro120 } port { 1766 } flags S/SAFR $macro8 >pass in quick on $macro94 proto tcp from { $macro96 } to { $macro126 } port { 80 81 } flags S/SAFR $macro8 > > > > > > > > > > >pass in quick on { $macro99 $macro6 } proto tcp from { $macro101 } to { $macro101 } port { 3128 } flags S/SAFR $macro8 >pass in quick on $macro99 proto tcp from { $macro101 } to { <table26> $macro43 } port { https } flags S/SAFR $macro8 >pass in quick on $macro99 proto tcp from { $macro101 } to { $macro42 } port { 22 } flags S/SAFR $macro8 >pass in quick on $macro99 proto tcp from { $macro106 } to { <table30> } port { 9000 9001 } flags S/SAFR $macro8 >pass in quick on $macro99 proto tcp from { $macro107 } to { $macro23 } port { ssh } flags S/SAFR $macro8 >pass in quick on $macro99 proto tcp from { $macro101 } to { <table29> } port { ssh } flags S/SAFR $macro8 >pass in quick on $macro99 proto tcp from { $macro101 } to { $macro51 } port { 50001 } flags S/SAFR $macro8 >pass in quick on $macro99 proto tcp from { $macro106 } to { $macro72 $macro73 <table32> $macro74 } port { http } flags S/SAFR $macro8 >pass in quick on $macro99 proto tcp from { $macro102 } to { <table32> } port { http } flags S/SAFR $macro8 >pass in quick on $macro99 proto tcp from { $macro102 } to { $macro57 <table31> } port { ftp >1023 } flags S/SAFR $macro8 > > > > > > > > >pass in quick on $macro1 proto tcp from { $macro31 $macro22 } to { $macro110} port { 5432 5433 } flags S/SAFR $macro8 > > > > > > > > > > >pass in quick on $macro1 proto tcp from { $macro21 $macro33 $macro36 $macro22 } to { $macro115 } port { smtp 465 } flags S/SAFR $macro8 >pass in quick on $macro1 proto tcp from { $macro45 $macro22 $macro32 $macro33 $macro33 } to { $macro116 } port { 5432 5433 } flags S/SAFR $macro8 >pass in quick on $macro1 proto tcp from { $macro22 } to { $macro122 } port { ssh } flags S/SAFR $macro8 >pass in quick on $macro1 proto tcp from { $macro22 } to { $macro123 } port { ssh } flags S/SAFR $macro8 >pass in quick on $macro1 proto tcp from { $macro45 } to { $macro114 } port { ssh } flags S/SAFR $macro8 >pass in quick on $macro1 proto tcp from { $macro31 } to { $macro114 } port { ssh } flags S/SAFR $macro8 >pass in quick on $macro1 proto tcp from { $macro39 $macro44 $macro63 $macro64 $macro65 } to { $macro121 } port { ssh } flags S/SAFR $macro8 > > > >pass in quick on $macro112 proto tcp from { $macro114 } to { $macro22 } port { ssh} flags S/SAFR $macro8 >pass in quick on $macro112 proto tcp from { $macro114 } to { $macro30 $macro31 $macro32 $macro33 $macro34 $macro35 $macro36 $macro45 } port { ssh} flags S/SAFR $macro8 >pass in quick on $macro112 proto tcp from { $macro114 } to { $macro129 } port { telnet } flags S/SAFR $macro8 >pass in quick on $macro112 proto tcp from { $macro114 } to { $macro45 } port { ssh} flags S/SAFR $macro8 >pass in quick on { $macro112 $macro6 } proto tcp from { $macro114 } to { $macro146 } port { 8080 } flags S/SAFR $macro8 >pass in quick on $macro112 proto tcp from { $macro117 } to { $macro133 } port { 1433 } flags S/SAFR $macro8 > > > > > > > > > > > >pass in quick on { $macro124 $macro6 } proto udp from { $macro126 } to { $macro126 } port { snmp } $macro8 > > > > > > > > > > > >pass in quick on $macro130 proto tcp from { $macro133 } to { $macro126 } port { 5989 } flags S/SAFR $macro8 > > > > > > > > >pass in quick on $macro1 proto tcp from { $macro49 $macro66 } to { $macro143 } port { 5432 } flags S/SAFR $macro8 > > > > > > > > > > >pass in quick on $macro1 proto tcp from { $macro42 } to { $macro146 $macro68 } port > 1023 flags S/SAFR $macro8 > > > >pass in quick on { $macro144 $macro6 } proto tcp from { $macro146 } to { $macro146 } port { 8080 } flags S/SAFR $macro8 >pass in quick on { $macro144 $macro6 } proto udp from { $macro146 } to { $macro20 } port { snmp 162 } $macro8 > >pass in quick on $macro144 proto tcp from { $macro146 } to { $macro118 $macro119 } port { 80} flags S/SAFR $macro8 >pass in quick on $macro144 proto tcp from { $macro146 } to { <table29> $macro42 } port { ssh } flags S/SAFR $macro8 >pass in quick on $macro144 proto tcp from { $macro146 } to { <table23> } port { 3306 } flags S/SAFR $macro8 >pass in quick on $macro144 proto tcp from { $macro146 } to { $macro52 $macro53 } port { https } flags S/SAFR $macro8 >pass in quick on $macro144 proto tcp from { $macro146 } to { $macro55 } port { 1524 } flags S/SAFR $macro8 >pass in quick on $macro144 proto tcp from { $macro146 } to { $macro69 } port { 1521 } flags S/SAFR $macro8 >pass in quick on $macro144 proto tcp from { $macro146 } to { $macro70 } port { 9000 9001 } flags S/SAFR $macro8 >pass in quick on $macro144 proto tcp from { $macro146 } to { $macro71 $macro73 $macro80 } port { http } flags S/SAFR $macro8 >pass in quick on $macro144 proto tcp from { $macro146 } to { $macro57 <table31> $macro68 $macro42 } port { ftp >1023 } flags S/SAFR $macro8 >pass in quick on $macro144 proto tcp from { $macro147 } to { $macro50 } port { ftp >1023 } flags S/SAFR $macro8 >pass in quick on $macro144 proto tcp from { $macro147 } to { $macro74 } port { 5590 } flags S/SAFR $macro8 >pass in quick on $macro144 proto tcp from { $macro147 } to { $macro62 $macro58 $macro75 $macro78 $macro59 $macro79 } port { http } flags S/SAFR $macro8 >pass in quick on $macro144 proto tcp from { $macro147 } to { $macro76 $macro82 } port { 1521 } flags S/SAFR $macro8 >pass in quick on $macro144 proto tcp from { $macro147 } to { $macro77 } port { 1433 } flags S/SAFR $macro8 >pass in quick on $macro144 proto tcp from { $macro147 } to { $macro60 } port { 50001 } flags S/SAFR $macro8 > > > > > > > > > > >pass in quick on $macro1 proto tcp from { $macro42 } to { $macro136 } port > 1023 flags S/SAFR $macro8 > > > >pass in quick on { $macro134 $macro6 } proto tcp from { $macro136 } to { $macro136 } port { https } flags S/SAFR $macro8 >pass in quick on $macro134 proto tcp from { $macro136 } to { $macro22 } port { https } flags S/SAFR $macro8 >pass in quick on $macro134 proto tcp from { $macro136 } to { $macro30 $macro31 $macro32 $macro33 $macro34 $macro35 $macro36 $macro47 } port { https } flags S/SAFR $macro8 >pass in quick on $macro134 proto tcp from { $macro136 } to { <table26> $macro43 $macro47 } port { https } flags S/SAFR $macro8 >pass in quick on $macro134 proto tcp from { $macro136 } to { $macro101 } port { 3128 } flags S/SAFR $macro8 >pass in quick on $macro134 proto tcp from { $macro136 } to { <table29> } port { ssh } flags S/SAFR $macro8 >pass in quick on $macro134 proto tcp from { $macro136 } to { $macro118 $macro73 <table32> } port { http } flags S/SAFR $macro8 >pass in quick on $macro134 proto tcp from { $macro136 } to { $macro42 } port { ssh ftp } flags S/SAFR $macro8 >pass in quick on $macro134 proto tcp from { $macro136 } to { <table23> } port { 3306 } flags S/SAFR $macro8 >pass in quick on $macro134 proto tcp from { $macro136 } to { $macro56 } port { http https } flags S/SAFR $macro8 >pass in quick on $macro134 proto tcp from { $macro136 } to { $macro29 } port { 8399 >< 8500 } flags S/SAFR $macro8 >pass in quick on $macro134 proto tcp from { $macro136 } to { $macro61 } port { 44380 } flags S/SAFR $macro8 > > > >pass in quick on $macro134 proto tcp from { $macro136 } to { <table53> <table45> <table48> } port { telnet ssh } flags S/SAFR $macro8 >pass in quick on $macro134 proto udp from { $macro136 } to { <table53> <table45> <table48> } port snmp $macro8 >pass in quick on $macro134 proto icmp from { $macro136 } to { <table53> <table45> <table48> } icmp-type echoreq $macro8 >pass in quick on $macro134 proto tcp from { $macro136 } to { <table53> <table45> <table48> } port ftp flags S/SAFR $macro8 >pass in quick on $macro134 proto tcp from { $macro136 } to { <table53> <table45> <table48> } port > 1023 flags S/SAFR $macro8 > > > > > > > >pass in quick on $macro1 proto tcp from { $macro42 } to { $macro150 } port > 1023 flags S/SAFR $macro8 > > > > >pass in quick on $macro148 proto tcp from { $macro150 } to { $macro22 $macro30 $macro31 $macro32 $macro33 $macro34 $macro35 $macro36 } port { https } flags S/SAFR $macro8 >pass in quick on $macro148 proto tcp from { $macro150 } to { <table26> } port { https } flags S/SAFR $macro8 >pass in quick on $macro148 proto tcp from { $macro150 } to { $macro42 } port { ssh } flags S/SAFR $macro8 >pass in quick on $macro148 proto tcp from { $macro151 } to { <table30> } port { 9000 9001 } flags S/SAFR $macro8 >pass in quick on $macro148 proto tcp from { $macro150 } to { <table23> } port { 3306 } flags S/SAFR $macro8 >pass in quick on $macro148 proto tcp from { $macro150 } to { $macro52 $macro53 } port { https } flags S/SAFR $macro8 >pass in quick on $macro148 proto tcp from { $macro150 } to { $macro56 } port { http https } flags S/SAFR $macro8 >pass in quick on $macro148 proto tcp from { $macro150 } to { $macro55 } port { 1524 } flags S/SAFR $macro8 >pass in quick on $macro148 proto tcp from { $macro150 } to { $macro69 } port { 1521 } flags S/SAFR $macro8 >pass in quick on $macro148 proto tcp from { $macro150 } to { $macro70 } port { 9000 9001 } flags S/SAFR $macro8 >pass in quick on $macro148 proto tcp from { $macro150 } to { $macro50 } port { ftp >1023 } flags S/SAFR $macro8 >pass in quick on $macro148 proto tcp from { $macro150 } to { $macro74 } port { 5590 http } flags S/SAFR $macro8 >pass in quick on $macro148 proto tcp from { $macro150 } to { $macro62 $macro58 $macro75 $macro71 $macro73 $macro80 $macro78 $macro59 <table32> $macro79 $macro80 $macro28 } port { http } flags S/SAFR $macro8 >pass in quick on $macro148 proto tcp from { $macro150 } to { $macro76 $macro82 } port { 1521 } flags S/SAFR $macro8 >pass in quick on $macro148 proto tcp from { $macro150 } to { $macro77 } port { 1433 } flags S/SAFR $macro8 > > > >pass in quick on $macro148 proto tcp from { $macro150 } to { $macro84 } port { telnet ssh } flags S/SAFR $macro8 >pass in quick on $macro148 proto udp from { $macro150 } to { $macro84 } port snmp $macro8 >pass in quick on $macro148 proto tcp from { $macro150 } to { $macro84 <table31> $macro68 $macro42 } port { ftp >1023 } flags S/SAFR $macro8 >pass in quick on $macro148 proto icmp from { $macro150 } to { $macro84 } icmp-type echoreq $macro8 > > > > > > > >pass in quick on $macro1 proto tcp from { <table26> <table27> } to { $macro154 } port { https} flags S/SAFR $macro8 >pass in quick on $macro1 proto tcp from { $macro42 } to { $macro154 } port > 1023 flags S/SAFR $macro8 > > > > >pass in quick on $macro152 proto tcp from { $macro154 } to { $macro68 } port > 1023 flags S/SAFR $macro8 >pass in quick on $macro152 proto tcp from { $macro154 } to { <table29> } port { ssh } flags S/SAFR $macro8 >pass in quick on $macro152 proto tcp from { $macro154 } to { $macro42 } port { ssh ftp } flags S/SAFR $macro8 >pass in quick on $macro152 proto tcp from { $macro154 } to { $macro54 $macro83 } port { ssh https 20532 8443 } flags S/SAFR $macro8 >pass in quick on $macro152 proto tcp from { $macro154 } to { $macro52 $macro53 } port { https } flags S/SAFR $macro8 >pass in quick on $macro152 proto tcp from { $macro154 } to { $macro68 } port { ftp } flags S/SAFR $macro8 >pass in quick on $macro152 proto tcp from { $macro154 } to { $macro50 } port { ssh ftp >1023} flags S/SAFR $macro8 >pass in quick on $macro152 proto tcp from { $macro154 } to { $macro56 } port { http https } flags S/SAFR $macro8 >pass in quick on $macro152 proto tcp from { $macro154 } to { $macro57 } port { ftp >1023 } flags S/SAFR $macro8 >pass in quick on $macro152 proto tcp from { $macro154 } to { $macro69 } port { 1521 } flags S/SAFR $macro8 >pass in quick on $macro152 proto tcp from { $macro154 } to { $macro70 } port { 9000 9001 } flags S/SAFR $macro8 >pass in quick on $macro152 proto tcp from { $macro154 } to { $macro62 $macro71 $macro75 $macro80 $macro78 $macro59 $macro79 $macro81 } port { http } flags S/SAFR $macro8 >pass in quick on $macro152 proto tcp from { $macro154 } to { $macro76 $macro82 } port { 1521 } flags S/SAFR $macro8 >pass in quick on $macro152 proto tcp from { $macro154 } to { $macro77 } port { 1433 } flags S/SAFR $macro8 >pass in quick on $macro152 proto tcp from { $macro154 } to { $macro29 } port { 8399 >< 8500 } flags S/SAFR $macro8 >pass in quick on $macro152 proto tcp from { $macro154 } to { $macro60 } port { 50001 } flags S/SAFR $macro8 >pass in quick on $macro152 proto tcp from { $macro154 } to { $macro61 } port { 8080 } flags S/SAFR $macro8 >pass in quick on $macro152 proto tcp from { $macro154 } to { $macro58 } port { http } flags S/SAFR $macro8 >pass in quick on $macro152 proto tcp from { $macro154 } to { $macro74 } port { 5590 } flags S/SAFR $macro8 > > > >pass in quick on $macro152 proto tcp from { $macro154 } to { $macro84 } port { telnet ssh } flags S/SAFR $macro8 >pass in quick on $macro152 proto udp from { $macro154 } to { $macro84 } port snmp $macro8 >pass in quick on $macro152 proto icmp from { $macro154 } to { $macro84 } icmp-type echoreq $macro8 >pass in quick on $macro152 proto tcp from { $macro154 } to { $macro84 } port { ftp > 1023 } flags S/SAFR $macro8 > > > > > > > > > > > > > > > > > >pass in quick on $macro148 proto tcp from { $macro158 } to { $macro84 } port { telnet ssh } flags S/SAFR $macro8 >pass in quick on $macro148 proto udp from { $macro158 } to { $macro84 } port snmp $macro8 >pass in quick on $macro148 proto icmp from { $macro158 } to { $macro84 } icmp-type echoreq $macro8 > > > > > > > >block in quick proto { tcp udp } from any to any port { 134 >< 140 445 } > > >block in quick proto { tcp udp } from any to any port 1434 > > >block in quick from any to 225.108.194.38/32 > > >block in quick proto udp from any to 62.105.22.136/32 port 1985 > > >block quick log all >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=166833">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 207080
: 166833 |
167016
|
174090
|
174097
|
174193