#!/bin/sh # # cmd="./ipfw add" # First flush the firewall rules ./ipfw -q -f flush # Localhost rules $cmd 100 pass all from any to any via lo* # Prevent any traffic to 127.0.0.1, localhost spoofing $cmd 110 deny log all from any to 127.0.0.0/8 in $cmd 120 deny log all from 127.0.0.0/8 to any in $cmd check-state # Don't block Avira update. $cmd pass all from 62.146.66.181/24 to me $cmd pass all from 80.190.143.229/24 to me $cmd pass all from 89.105.213.18/24 to me # Allow any outgoing traffic, create dynamic rule for each connection $cmd pass all from me to any out keep-state # Allow incoming torrents $cmd allow udp from any to me 51413 in $cmd allow tcp from any to me 51413 in # Allow DHCP. "any" because "me" doesn't work when machine has no ip address. $cmd allow udp from any 68 to any 67 out $cmd allow udp from any 67 to any 68 in # Log blocked # Default policy is DENY, so traffic which pass past that rule will be blocked. $cmd count log ip from any to any А как защищаешь свою винду ты, мальчик?