- 現在との差分 を表示
- ソース を表示
- MacOS X/ipfw へ行く。
1: 2014-02-15 (土) 01:24:23 nobuaki | |||
---|---|---|---|
Line 1: | Line 1: | ||
+ | TITLE:Firewall | ||
+ | **SASL LOGINに失敗しているIPアドレスを取り出す [#s674421f] | ||
+ | grep "SASL LOGIN authentication failed" /var/log/system.log|awk '{print $7}'|sort|uniq -c |sort -r|cut -f2 -d'['|sort|sed 's/]://g' | ||
+ | |||
+ | **現在のipfwの設定値を表示する [#f1a845fd] | ||
+ | |||
+ | ujp:~ user$ ipfw list | ||
+ | ipfw: socket: Operation not permitted | ||
+ | ujp:~ user$ | ||
+ | |||
+ | rootユーザにスイッチする. | ||
+ | |||
+ | ujp:~ user$ su | ||
+ | Password: | ||
+ | sh-3.2# ipfw list | ||
+ | 00001 allow udp from any 626 to any dst-port 626 | ||
+ | 01000 allow ip from any to any via lo0 | ||
+ | 01010 deny ip from any to 127.0.0.0/8 | ||
+ | 01020 deny ip from 224.0.0.0/4 to any in | ||
+ | 01030 deny tcp from any to 224.0.0.0/4 in | ||
+ | 12300 allow ip from any to any | ||
+ | 65534 deny ip from any to any | ||
+ | 65535 allow ip from any to any | ||
+ | sh-3.2# | ||
+ | |||
+ | **IPアドレスのルールを追加する [#r5d8a734] | ||
+ | |||
+ | sh-3.2# ipfw add 1001 deny tcp from 88.215.177.135 to any in | ||
+ | 01001 deny tcp from 88.215.177.135 to any in | ||
+ | sh-3.2# ipfw list | ||
+ | 00001 allow udp from any 626 to any dst-port 626 | ||
+ | 01000 allow ip from any to any via lo0 | ||
+ | 01001 deny tcp from 88.215.177.135 to any in ←追加したやつ | ||
+ | 01010 deny ip from any to 127.0.0.0/8 | ||
+ | 01020 deny ip from 224.0.0.0/4 to any in | ||
+ | 01030 deny tcp from any to 224.0.0.0/4 in | ||
+ | 12300 allow ip from any to any | ||
+ | 65534 deny ip from any to any | ||
+ | 65535 allow ip from any to any | ||
+ | sh-3.2# | ||
+ | |||
+ | もう一回追加する. | ||
+ | |||
+ | sh-3.2# ipfw add 1001 deny tcp from 175.116.152.58 to any in | ||
+ | 01001 deny tcp from 175.116.152.58 to any in | ||
+ | sh-3.2# ipfw list | ||
+ | 00001 allow udp from any 626 to any dst-port 626 | ||
+ | 01000 allow ip from any to any via lo0 | ||
+ | 01001 deny tcp from 88.215.177.135 to any in ←さっき追加した奴 | ||
+ | 01001 deny tcp from 175.116.152.58 to any in ←今追加した奴 | ||
+ | 01010 deny ip from any to 127.0.0.0/8 | ||
+ | 01020 deny ip from 224.0.0.0/4 to any in | ||
+ | 01030 deny tcp from any to 224.0.0.0/4 in | ||
+ | 12300 allow ip from any to any | ||
+ | 65534 deny ip from any to any | ||
+ | 65535 allow ip from any to any | ||
+ | sh-3.2# | ||
+ | |||
+ | ルール番号はダブルブッキングOKのようだけど登録順に並べられるようである. |
- MacOS X/ipfw のバックアップ一覧
- MacOS X/ipfw のバックアップ差分(No. All)
- 1: 2014-02-15 (土) 01:24:23 nobuaki
- 現: 2014-02-15 (土) 01:24:23 shinnai(shinnai)
- Rewound to 2 ages ago. at 2017-12-04 (月) 23:26:33
Counter: 865,
today: 2,
yesterday: 0