Simple but nice firewall. Good Reading
The rule below forwards requests for port 232 to port 5111 on localhost.
ipfw add fwd localhost,5111 tcp from any to any 232 via en0
The rule below diverts TCP traffic destined for port 80 to divert port 8080.
ipfw add 0010 divert 8080 tcp from any to any 80
NOTE: sysctl net.link.ether.bridge_ipfw=1 (this value enables Snort)
# XMAS tree
ipfw add 00011 deny log tcp from any to any in tcpflags fin,psh,urg recv em0
# NULL scan (no flag set at all)
ipfw add 00012 deny log tcp from any to any in tcpflags !fin,!syn,!rst,!psh,!ack,!urg recv em0
# SYN flood (SYN,FIN)
ipfw add 00013 deny log tcp from any to any in tcpflags syn,fin recv em0
# Stealth FIN scan (FIN,RST)
ipfw add 00014 deny log tcp from any to any in tcpflags fin,rst recv em0
# forced packet routing
ipfw add 00015 deny log ip from any to any in ipoptions ssrr,lsrr,rr,ts recv em0
# ACK scan (ACK,RST)
ipfw add 00016 deny log tcp from any to any in tcpflags ack,rst recv em0
# deny fragments as bogus packets
ipfw add 00017 deny log all from any to any frag in via em0
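
To check what the tcpflags rules above actually catch, the following added example (not part of the original notes) models ipfw's tcpflags matching in Python and runs the page's rules 00011-00014 and 00016 against constructed flag combinations. The names parse_rules, first_match, evaluate and SAMPLES are hypothetical helpers; only the rule lines come from the page.

```python
import re

# tcpflags rules copied verbatim from the page.
RULES = """\
ipfw add 00011 deny log tcp from any to any in tcpflags fin,psh,urg recv em0
ipfw add 00012 deny log tcp from any to any in tcpflags !fin,!syn,!rst,!psh,!ack,!urg recv em0
ipfw add 00013 deny log tcp from any to any in tcpflags syn,fin recv em0
ipfw add 00014 deny log tcp from any to any in tcpflags fin,rst recv em0
ipfw add 00016 deny log tcp from any to any in tcpflags ack,rst recv em0
"""
VALID = {"fin", "syn", "rst", "psh", "ack", "urg"}

def parse_rules(text):
    """Return [(rule_number, must_be_set, must_be_clear)] sorted by rule number."""
    parsed = []
    for line in text.splitlines():
        m = re.search(r"add\s+(\d+)\s.*\btcpflags\s+(\S+)", line)
        if not m:
            continue
        want_set, want_clear = set(), set()
        for tok in m.group(2).split(","):
            name = tok.lstrip("!")
            if name not in VALID:
                raise ValueError(f"unknown TCP flag {name!r} in rule {m.group(1)}")
            (want_clear if tok.startswith("!") else want_set).add(name)
        parsed.append((int(m.group(1)), want_set, want_clear))
    return sorted(parsed, key=lambda rule: rule[0])

def first_match(flags, rules):
    """ipfw tcpflags semantics: every listed flag must be set, every '!flag'
    must be clear, unlisted flags are ignored. Lowest rule number wins."""
    flags = set(flags)
    for number, want_set, want_clear in rules:
        if want_set <= flags and not (want_clear & flags):
            return number
    return None

# Constructed flag combinations (not captured traffic).
SAMPLES = {
    "SYN": {"syn"}, "SYN+ACK": {"syn", "ack"}, "PSH+ACK": {"psh", "ack"},
    "FIN+ACK": {"fin", "ack"}, "RST+ACK": {"rst", "ack"}, "NULL": set(),
    "FIN+PSH+URG": {"fin", "psh", "urg"}, "SYN+FIN": {"syn", "fin"},
    "FIN+RST": {"fin", "rst"}, "FIN+PSH+URG+ACK": {"fin", "psh", "urg", "ack"},
}

def evaluate(samples=SAMPLES, rule_text=RULES):
    """Map each sample name to the rule number that denies it, or None."""
    rules = parse_rules(rule_text)
    return {name: first_match(flags, rules) for name, flags in samples.items()}
```

evaluate() shows that ordinary handshake and data segments pass all five rules, while RST+ACK is denied by rule 00016. RST+ACK is also the ordinary reply a closed port sends to a SYN, so rule 00016 drops those replies arriving on em0 unless an earlier rule accepts them.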