Software, Support, Documentation
|
|
News,
Internal,
Projects,
Home Software, Support, Documentation |
On Wed, Oct 09, 2002 at 11:02:49AM -0700, sammycom wrote: >> ipfw , ܺο >> >> ܺο ڲ ping ͼ ܼ־ Limiging icmp unreach from 204 to 200 packet per second ̷ ͼ >> ipfw ̿ؼ ȭġϰ ֽϴ. >> Ŀο >> options IPFIREWALL >> options IPDIVERT >> options IPFIREWALL_DEFAULT_TO_ACCEPT >> options IPFIREWALL_VERBOSE >> options IPFIREWALL_FORWARD >> ̷ ߰ϰ ѵ ߽ϴ >> >> ׳ ܺο ping ϰϱ /etc/rc.conf ϰ >> /etc/rc.local ٰ >> ipfw add deny icmp from any to 66.218.xxx.133/32 >> ipfw add allow icmp from 66.218.xxx.133/32 to any >> ̷ ߽ϴ. >> (66.218.xxx.133/32 ip ϳ Ƽ Դϴ) >> >> ٵ ̷ϴϱ ܺο ϴ ping ܵǴµ pingϴ° dz >> ܺο η ϴ° ο ܺη ϴ°Ŵ ͽϴ. >> Ȥ Ʋΰ ؼ ipfw flush ļ Ʈ ݴε غ ׳ 66.218.xxx.133 ̷Ե غ >> >> Ȥ ܺο ܺη ε Ǵ°ǰ? >> >> ƽø ּ >> ping ؼ icmptypes 0, 8 ؾ մϴ. (ping ؼ icmp ʿ ϴ.) ܺο η ping ϰ, ο ܺη ping ϱ ؼ ȭ Stateful Inspection ؾ մϴ. FreeBSD ipfw keep-state شմϴ. ipfw keep-state timeout ؾ߸ ֽϴ. (keep-state default timeout ʹ ۾Ƽ ƹ Է ܹϴ. ּ TCP KEEPALIVEδ Ǿ߸ ֽϴ. ϰ ð ʿմϴ.) FreeBSD ִ ٸ ȭ ipfilter ϴ ̴ϴ. ipfilter Ϻ Stateful Inspection ϰ NAT Ŀο ϱ ȿԴϴ. -- ============================================================ // Korea Telecom Internet Solutions, Inc. // FreeBSD/Linux Professional Consulting/Tech. Support // // Pyun YongHyeon // // WWW: http://www.kt-is.co.kr/ // FTP: ftp://ftp.kt-is.co.kr/ // // TEL: +82-2-364-0400 // FAX: +82-2-364-9119 ============================================================ -- Please look and take part in KFUG FAQ: <http://www.kr.freebsd.org/FAQ-kr/> To Unsubscribe: send mail to majordomo@kr.FreeBSD.org with "unsubscribe questions" in the BODY of the message
|
Copyright © 1998-2005 Korea FreeBSD Users Group. All rights reserved. webmaster at kr.FreeBSD.org $Date: 2002/10/31 23:00:24 $ |
|