| rc.firewall (60208) | rc.firewall (64028) |
|---|---|
| 1############ 2# Setup system for firewall service. | 1############ 2# Setup system for firewall service. |
| 3# $FreeBSD: head/etc/rc.firewall 60208 2000-05-08 20:28:20Z ps $ | 3# $FreeBSD: head/etc/rc.firewall 64028 2000-07-30 19:28:05Z obrien $ |
| 4 5# Suck in the configuration variables. 6if [ -r /etc/defaults/rc.conf ]; then 7 . /etc/defaults/rc.conf 8 source_rc_confs 9elif [ -r /etc/rc.conf ]; then 10 . /etc/rc.conf 11fi --- 161 unchanged lines hidden (view full) --- 173 # Stop RFC1918 nets on the outside interface 174 ${fwcmd} add deny all from 10.0.0.0/8 to any via ${oif} 175 ${fwcmd} add deny all from any to 10.0.0.0/8 via ${oif} 176 ${fwcmd} add deny all from 172.16.0.0/12 to any via ${oif} 177 ${fwcmd} add deny all from any to 172.16.0.0/12 via ${oif} 178 ${fwcmd} add deny all from 192.168.0.0/16 to any via ${oif} 179 ${fwcmd} add deny all from any to 192.168.0.0/16 via ${oif} 180 | 4 5# Suck in the configuration variables. 6if [ -r /etc/defaults/rc.conf ]; then 7 . /etc/defaults/rc.conf 8 source_rc_confs 9elif [ -r /etc/rc.conf ]; then 10 . /etc/rc.conf 11fi --- 161 unchanged lines hidden (view full) --- 173 # Stop RFC1918 nets on the outside interface 174 ${fwcmd} add deny all from 10.0.0.0/8 to any via ${oif} 175 ${fwcmd} add deny all from any to 10.0.0.0/8 via ${oif} 176 ${fwcmd} add deny all from 172.16.0.0/12 to any via ${oif} 177 ${fwcmd} add deny all from any to 172.16.0.0/12 via ${oif} 178 ${fwcmd} add deny all from 192.168.0.0/16 to any via ${oif} 179 ${fwcmd} add deny all from any to 192.168.0.0/16 via ${oif} 180 |
| 181 # Stop draft-manning-dsua-01.txt nets on the outside interface | 181 # Stop draft-manning-dsua-03.txt (1 May 2000) nets (includes RESERVED-1, 182 # DHCP auto-configuration, NET-TEST, MULTICAST (class D), and class E) 183 # on the outside interface |
| 182 ${fwcmd} add deny all from 0.0.0.0/8 to any via ${oif} 183 ${fwcmd} add deny all from any to 0.0.0.0/8 via ${oif} 184 ${fwcmd} add deny all from 169.254.0.0/16 to any via ${oif} 185 ${fwcmd} add deny all from any to 169.254.0.0/16 via ${oif} 186 ${fwcmd} add deny all from 192.0.2.0/24 to any via ${oif} 187 ${fwcmd} add deny all from any to 192.0.2.0/24 via ${oif} 188 ${fwcmd} add deny all from 224.0.0.0/4 to any via ${oif} 189 ${fwcmd} add deny all from any to 224.0.0.0/4 via ${oif} --- 47 unchanged lines hidden --- | 184 ${fwcmd} add deny all from 0.0.0.0/8 to any via ${oif} 185 ${fwcmd} add deny all from any to 0.0.0.0/8 via ${oif} 186 ${fwcmd} add deny all from 169.254.0.0/16 to any via ${oif} 187 ${fwcmd} add deny all from any to 169.254.0.0/16 via ${oif} 188 ${fwcmd} add deny all from 192.0.2.0/24 to any via ${oif} 189 ${fwcmd} add deny all from any to 192.0.2.0/24 via ${oif} 190 ${fwcmd} add deny all from 224.0.0.0/4 to any via ${oif} 191 ${fwcmd} add deny all from any to 224.0.0.0/4 via ${oif} --- 47 unchanged lines hidden --- |