freebsd virtual

I'm looking at possible candidates to act as a router/gateway/firewall in my planned virtual infrastructure. I will have a physical LAN on one side the internet on the other and internally a sort of DMZ for my server VMs. (See attached illustration if you don't get it. )I have looked at the following so far:m0n0wallpfSenseSmoothWall ExpressSince I have been having issues with communicate performance in FreeBSD 6.2 I'm somewhat dubious towards m0n0wall and pfSense but I evaluate their base is a FreeBSD pre-6.2 so it might be ok using the vmxnet device for good performance. But my favorite so far has been SmoothWall however I had some trouble with its DNS server/proxy. What do you use or advise and what makes it good?/Zxinn

Forex Groups - Tips on Trading

Related article:
http://communities.vmware.com/thread/109970

comments | Add comment | Report as Spam

1. Download & Config awstats[me@titik org /usr/local/www/]# wget http://prdownloads sourceforge net/awstats/awstats-6.7 tar gz[me@titik org /usr/local/www/]# tar zxvf awstats-6.7 tar gz[me@titik org /usr/local/www/]# mv awstats-6.7/ awstats/[me@titik org /usr/local/www/]# cd awstats/tools/[me@titik org /usr/local/www/awstats/tools]# ./awstats_configure pl —– AWStats awstats_assemble 1.0 (create 1.7) (c) Laurent Destailleur —–This drive will help you to configure AWStats to care for statistics forone web server. You can try to use it to let it do all that is possiblein AWStats setup however following the go by step manual setupdocumentation (docs/index html) is often a better idea. Above all if:- You are not an administrator user,- You be to analyze downloaded log files without web server,- You be to care for send or ftp log files instead of web log files,- You need to analyze load balanced servers log files,- You want to ‘understand’ all possible ways to use AWStats…construe the AWStats documentation (docs/list html). —–> Running OS detected: Linux. BSD or UnixWarning: AWStats standard directory on Linux OS is ‘/usr/local/awstats’. If you be to use standard directory you should first move all contentof AWStats distribution from current directory:/usr/local/www/awstatsto standard directory:/usr/local/awstatsAnd then run configure pl from this location. Do you be to act setup from this NON standard directory [yN] ? y Enter full config file path of your Web server. Example: /etc/httpd/httpd confExample: /usr/local/apache2/conf/httpd confExample: c:\Program files\apache assort\apache\conf\httpd confConfig file path (’none’ to skip web server setup):> /usr/local/etc/apache2/httpd conf —–> be to create a new config file ?Do you want me to create a new AWStats config/profilefile (required if first install) [y/N] ? y —–> Define config file label to createWhat is the label of your web site or profile analysis ?Example: www mysite comExample: demoYour web site virtual server or profile label:> www titik org —–> be config file pathIn which directory do you plan to store your config file(s) ?fail: /etc/awstatsDirectory path to store config file(s) (Enter for default):> —–> Create config register ‘/etc/awstats/awstats www titik org conf’Config register /etc/awstats/awstats www titik org conf created. —–> Add modify process inside a schedulerSorry configure pl does not support automatic add to cron yet. You can do it manually by adding the following command to your cron:/usr/local/www/awstats/wwwroot/cgi-bin/awstats pl -update -config=myvirtualserverOr if you have several config files and like having only one dominate:/usr/local/www/awstats/tools/awstats_updateall pl nowPress ENTER to continue… No config file was built. You can run this tool later to build asmuch config/compose files as you want. Once you have a config/profile file for example ‘awstats show conf’,You can manually update your statistics for ‘demo’ with command:> perl awstats pl -update -config=demoYou can also construe your statistics for ‘demo’ with URL:> http://localhost/awstats/awstats pl?config=show 2. Edit Apache conf and create htaccess[me@titik org /usr/local/www/awstats/tools]# vi /usr/local/etc/apache2/httpd conf## Directives to add to your Apache conf register to allow use of AWStats as a CGI.# say that path “/usr/local/awstats/” must reflect your AWStats Installation path.#Alias /awstatsclasses “/usr/local/www/awstats/wwwroot/classes/”Alias /awstatscss “/usr/local/www/awstats/wwwroot/css/”Alias /awstatsicons “/usr/local/www/awstats/wwwroot/icon/”ScriptAlias /awstats/ “/usr/local/www/awstats/wwwroot/cgi-bin/”## This is to permit URL access to scripts/files in AWStats directory.#<Directory “/usr/local/www/awstats/wwwroot”>Options NoneAllowOverride authconfigOrder allow,denyAllow from all</Directory> [me@titik org /usr/local/www/awstats/tools]# vi /usr/local/www/awstats/wwwroot/ htaccessAuthUserFile /usr/local/www/ htpasswdAuthGroupFile /dev/nullAuthName “Awstats Login”AuthType Basic 3. Edit generated Awstats config register[me@titik org /var/log/awstats]# vi /etc/awstats/awstats idwebhost com confModify :- LogFile=”/var/log/domain com-access_log”- DirData=”/var/log/awstats” (You be to create this directory)- DirIcons=”/awstatsicons” [me@titik org /var/log/awstats]# mkdir /var/log/awstats/[me@titik org /var/log/awstats]# chown -R www:www /var/log/awstats/[me@titik org /var/log/awstats]# /usr/local/etc/rc d/apache2 reload 4. Generate stats[me@titik org /usr/local/www/awstats]# /usr/local/etc/awstats/wwwroot/cgi-bin/awstats pl -update -config=www titik orgCreate/Update database for config “/etc/awstats/awstats www titik org conf” by AWStats version 6.7 (build 1.892)From data in log register “/var/log/domain com-access_log”…Phase 1 : First avoid old records searching new preserve…enjoin find after measure parsed preserve (after line 1581102)Jumped lines in file: 1581102Found 1581102 already parsed records. Parsed lines in register: 50417Found 0 dropped records,open 0 corrupted records,Found 0 old records,open 50417 new qualified records.

Forex Groups - Tips on Trading

Related article:
http://www.titik.org/2007/10/24/install-awstats-on-freebsd.html

comments | Add comment | Report as Spam

I undergo been playing w/ VMWare Fusion (for Mac OS X) and VMWare Server (for Windows) over the weekend and now undergo a bring together of FreeBSD virtual servers running on my iMac and my X40 (both with 1.5GB RAM). This provides a server environment virtually identical to our production server facility for use as a self-contained development server on-the-go change surface where there is no network. Performance of the virtual server on the iMac (dual core) is very good. The X40 is a much slower machine so setting the virtual server up to a useful state takes much longer althou once this is done the whole thing is very usable. VMWare Fusion is USD80. VMWare Server is remove (as in beer). I’ll compete some more and affirm that the virtual machines created under one environment is compatible with the other. Tags: · · There are no comments yet... Kick things off by filling out the form below.

Forex Groups - Tips on Trading

Related article:
http://wp.rollingegg.net/2007/10/30/vmware/

comments | Add comment | Report as Spam

Hi,I've just tried to lay the FBSD7 Beta1 on my VirtualBox (version1.5.2) using the boot-only-image. During the lay affect the installerwasn't able to get an IP via DHCP. However this works with 6.2 and 6.1boot-only-images. Is this a problem of VirtualBox or is it an Installer problem. CheersJochen_______________________________________________freebsd-current@xxxxxxxxxxx mailing listTo unsubscribe displace any mail to "freebsd-current-unsubscribe@xxxxxxxxxxx" .. I've just tried to install the FBSD7 Beta1 on my VirtualBox (version.. usingthe boot-only-image. ... Is this a problem of VirtualBox or is it an Installer problem... but it creates an ordinary tap device which you undergo to bridge by... (freebsd-current) .. You shouldn't have to install VirtualBox Guest Additions in the guest... OS,but if selecting an audio driver in the VM settings doesn't bring home the bacon. ... Everything worksperfect except appear. ... (Ubuntu) .. I'm having a lot of success running Windows... It's called VirtualBox.... There's a package for Ubuntu you just install it. ... (Ubuntu) . installed virtualbox per mailing enumerate instruction and I could install... Everythingworks ameliorate except appear no sound device installed. ... The sound device thatVirtualBox creates for the virtual machine is not the... (Ubuntu) .. I've just tried to install the FBSD7 Beta1 on my VirtualBox (version.. usingthe boot-only-image. ... Is this a problem of VirtualBox or is it an Installer problem.... I used the ISO Disc 1 to install into a VMware... (freebsd-current)

Forex Groups - Tips on Trading

Related article:
http://unix.derkeiler.com/Mailing-Lists/FreeBSD/current/2007-10/msg01100.html

comments | Add comment | Report as Spam

- (5)- (9)- (1)- (2)- (1)- (2)- (70)- (1)- (1)- (1)- (1)- (10)- (2)- (1)- (1)- (1)- (1)- (6)- (1)- (1)- (5)- (2)- (5)- (2)- (1)- (1)- (19)- (4)- (1)- (3)- (1)- (2)- (2)- (2)- (1)- (1)- (1)- (2)- (1)- (5)- (3)- (1)- (2)- (1)- (1)- (4)- (1)- (2)- (1)- (2)- (6)- (1)- (1)- (1)- (1)- (3)- (1)- (16)- (1)- (11)- (5)- (2)- (1)- (1)- (9)- (4)- (2)- (2)- (1)- (57)- (2)- (1)- (3)- (1)- (1)- (1)- (1)- (1)- (1)- (1)- (2)- (1)- (10)- (1)- (1)- (28)- (1)- (1)- (2)- (1)- (1)- (1)- (6)- (1)- (1)- (1)- (1)- (4)- (2)- (14)- (8)- (1)- (1)- (3)- (1)- (4)- (2)- (12)- (7)- (1)- (12)- (16)- (5)- (1)- (49)- (1)- (1)- (1)- (4)- (5)- (1)- (1)- (1)- (1)- (2)- (2)- (3)- (1)- (3)- (1)- (1)- (1)- (2)- (2)- (63)- (1)- (3)- (1)- (10)- (2)- (1)- (6)- (7)- (2)- (9)- (10)- (1)- (1)- (1)- (4)- (2)- (4)- (1)- (2)- (4)- (7)- (44)- (1)- (14)- (2)- (2)- (9)- (3)- (4)- (60)- (6)- (11)- (1)- (1) FreeBSD使いのはじめてのCentOSのインストールMicrosoft Virtual PC 2004にCentOS 5.0 i386をインストールしてみた。CentOS-5.0-i386-bin-DVD isoをダウンロードする。isoをDAEMONツールでマウントする。VirtualPCのBIOSのbootの順番をCDROMからにする。DVDのドライブを「物理ドライブ d: を使用する」を選んで、CDブートする。途中でインストールするものを選択する画面がある。virtualizationで入れるとプロセッサエラーが起きて起動しなくなるので、注意が必要だ。serverでインストールし、起動した。ユーザの追加ユーザを追加する これで、kaworu さんでログインできる。findのDBを作るインストール直後の状態では、findのDBが存在しないので、作成する。rootで下記コマンドを実行する。 apacheのインストールインストーラのserviceあたりでhttpdを選択してapacheを入れた。手動で入れるなら、yumでhttpdをインストールすればいいらしい。 # /etc/init d/iptables restartFlushing firewall rules: [ OK ]Setting chains to policy evaluate: filter [ OK ]Unloading iptables modules: [ OK ]Applying iptables firewall rules: [ OK ]Loading additional iptables modules: ip_conntrack_netbios_n[ OK ]

Forex Groups - Tips on Trading

Related article:
http://paranoid.dip.jp/kaworu/2007-08-24-1.html

comments | Add comment | Report as Spam

Look for linens , beach and bath towels, and more at TowelTown.com
stop by anytime

comments | Add comment | Report as Spam

Parallels Workstation is the most powerful easiest-to-use cost-effective desktop virtual PC solution available today. It empowers any user from experienced professional developers to sales executives to casual domiciliate users with the ability to create completely networked totally obtain independent maximally stable virtual machines on a hit physical machine. Parallels Workstation is a hardware emulation virtualization solution. This stable trusted technology maps the entertain computer’s hardware resources directly to each virtual PC’s resources allowing each virtual machine to direct identically to a stand-alone computer. Parallels Workstation’s sophisticated virtual machine engine enables each virtual machine to work with its own processor. RAM floppy and CD drives. I/O devices and hard plough – everything a physical computer contains. Parallels Workstation is the first desktop virtualization solution to consider a lightweight hypervisor a develop technology originally developed in the 1960s to maximize the power of large mainframes. Hypervisor technology dramatically improves virtual machine stability security and performance by using a thin layer of software inserted between the machine’s hardware and the primary operating system to directly hold back some of the host machine’s hardware profiles and resources. It not only makes Parallels Workstation-powered virtual machines obtain shelter and efficient but also empowers users to immediately realize the benefits associated with Intel VT hardware virtualization architecture. Hypervisor Technology for Stronger. More Stable Virtual Machines:Parallels Workstation is the first desktop virtualization solution to include a lightweight hypervisor that directly controls some of the entertain computer’s hardware resources. The inclusion of this trusted develop technology ensures that virtual PCs built using Parallels Workstation are the most stable and efficient available. Optimized for Hardware Virtualization:Parallels Workstation’s lightweight hypervisor fully supports the benefits of next-generation CPUs built on Intel’s VT architecture and will support AMD Pacifica architecture when it is released to the command public. Strong OS Support:A sophisticated virtual forge engine that offers the broadest give of x86-based operating systems including: "Legacy" operating systems desire OS/2 eComStation and MS-DOS. Easy to lay. Easy to Use:A powerful wizard enables users to act virtual machines in seconds. The industry’s cleanest most user-friendly management console ensures hassle free control of all virtual machines. Highly Efficient:A small program footprint and trusted hypervisor technology maximizes the efficiency of both the primary and guest OSes. Lowest TCO:At only $49.99 per license. Parallels Workstation is the most cost effective virtual PC solution available today. Its ease of use high-efficiency quick startup measure and responsive technical support schedule increase value and significantly reduce TCO.

Forex Groups - Tips on Trading

Related article:
http://edwardfr.blogspot.com/2007/08/parallelsworkstationv222166inclkeymaker.html

comments | Add comment | Report as Spam

- (5)- (9)- (1)- (2)- (1)- (2)- (60)- (1)- (1)- (1)- (1)- (10)- (2)- (1)- (1)- (1)- (1)- (5)- (1)- (1)- (5)- (2)- (4)- (1)- (1)- (1)- (16)- (1)- (1)- (3)- (1)- (2)- (1)- (2)- (1)- (1)- (1)- (2)- (1)- (5)- (3)- (1)- (2)- (1)- (4)- (1)- (1)- (1)- (2)- (6)- (1)- (1)- (1)- (3)- (1)- (14)- (1)- (10)- (5)- (2)- (1)- (1)- (9)- (4)- (2)- (2)- (50)- (2)- (1)- (3)- (1)- (1)- (1)- (1)- (1)- (1)- (1)- (10)- (1)- (1)- (22)- (1)- (1)- (2)- (1)- (1)- (1)- (5)- (1)- (1)- (1)- (1)- (3)- (1)- (13)- (2)- (1)- (3)- (4)- (2)- (12)- (7)- (10)- (10)- (5)- (43)- (3)- (5)- (1)- (1)- (1)- (1)- (3)- (1)- (3)- (1)- (1)- (2)- (1)- (59)- (2)- (1)- (8)- (2)- (1)- (6)- (5)- (2)- (2)- (10)- (1)- (1)- (4)- (2)- (3)- (1)- (2)- (4)- (6)- (41)- (1)- (10)- (2)- (2)- (9)- (3)- (3)- (51)- (2)- (10)- (1)- (1) FreeBSDやunix、Linuxを触ってみたいけど、マルチブートにするのは怖い、とか、マシンが一台しかないから、インターネットで調べながら、別のＯＳをインストールしたり、操作したりできない、とか、そんなときに、仮想マシンが便利です。今回のテスト対象は、Windows XPです。Windows 2000には、Virtual PC 2007が使えないため、Virtual PC 2004をダウンロードして使ってください。VirutalPC2007のダウンロードVirtual PC 2007 は下記ページからダウンロードができます。setup exe のダウンロードが終わったら、それをインストールします。だいたい、次へ、を押しているだけでOKです。Virtual PC 2004 SP1 - 日本語ftpサイトからFreeBSDのISOイメージをダウンロード下記 ftp サイトから FreeBSD をインストールするための ISO イメージをダウンロードします。今回は、bootonlyではなく、大きいdisc1だけにしてみました。 Virtual PCを起動して、新しいバーチャルマシンを作成します。ここらへんは、適当で16GBの新規ディスクイメージを作成しました。New Virtual Machineができたら、それを起動します。ウィンドウが出たら、CDのところで、「ISOをキャプチャする」みたいなメニューからダウンロードしたFreeBSDのISOファイルを指定します。VirtualPC2004と違って、ブートデバイスの順番を設定しなくても、CDからブートしました。とりあえず、適当にインストールします。FreeBSDのインストールが終わったら、下記のネットワークなどの設定をします。rc confrc confに下記設定を追加します。ホスト名は、適当な変更してください。IPアドレスは、適切に変更してください。

Forex Groups - Tips on Trading

Related article:
http://paranoid.dip.jp/kaworu/2007-09-01-3.html

comments | Add comment | Report as Spam

es - Sitio dedicado principalmente a la difusión de los sistemas *BSD y GNU/Linux en - place mainly dedicated to diffusion both *BSD and GNU/Linux Operating Systems. create a highly available Apache Web server assemble that spans multiple physical or virtual Linux® servers in 5 easy steps with Linux Virtual Server and Heartbeat v2.

Forex Groups - Tips on Trading

Related article:
http://unixbsd.blogspot.com/2007/08/set-up-web-server-cluster-in-5-easy.html

comments | Add comment | Report as Spam

Jephe Wu - obtain Firewall is very important for company network it protects all valuable resources on the internal LAN. To forbid the single inform of failure it's always good practice to apply firewall fail-over. FreeBSD is a good choice to act as a firewall because it's popular secure and give packet separate(PF) which is ported from OpenBSD as come up as CARP pfsync. Software raid drive - gmirror in FreeBSD is extremely easy to assemble. Environment1. 2 HP netserver lp1000r (running Freebsd 6.2)2 each lp1000r server has 2 built-in network ports one connects to Internet the another connects to internal network3 each lp1000r3 web servers behind the firewalls using internal IP addresses (running CentOS 4)Objective1 when firewall1 is drink firewall2 ordain be taking over. This should be transparent to the end web user.2 since each hp netserver lp1000r has 2 idential hard disks(18G) we need to create it as raid-1 mirroring. In case any one of hard plough dies the firewall is still able to work.3. 2 web servers are also DNS server. SMTP server and NTP client which means we need to assemble the relevant PF rules on each firewall. Naming conversionhostname for firewall1: bsd1 (know firewall)domain label: maxposs comexternal network: a b c.192/28 (regenerate a b c with your own IPs)fail gateway: a b c.193fxp0: a b c.204carp0: a b c.201carp0_alias0: a b c.200fxp1: 10.0.0.5object1: 10.0.0.1hostname for firewall2: bsd2 (backup firewall)domain label: maxposs comexternal communicate: a b c.192/28fail gateway: a b c.193fxp0: a b c.205carp0: a b c.201carp0_alias0: a b c.200fxp1: 10.0.0.6object1: 10.0.0.1hostname for internal web server 1: web1ext0: 10.0.0.7gateway: 10.0.0.1 (carp1 on firewalls)services: web smtp dns ntp client ssh clienthostname for internal web server 2: web2ext0: 10.0.0.8gateway: 10.0.0.1 (carp1 on firewall)services: web smtp dns ntp client ssh clientFreebsd 6.2 OS InstallationI'm using the default installation for FreeBSD glide a for / slide b for change glide d for /var and slide e for /usr. Freebsd 6.2 raid-1 mirroringSince there're 2 firewalls that needs to install. It's better to install one firewall then the copy everything to the another one. We installed FreeBSD OS on the first hard disk on bsd1 then use the following steps to add the back up hard disk to change state a raid-1 mirrored system.# sysctl kern geom debugflags=16# gmirror denominate -v -b round-robin gm0 /dev/da1# echo geom_mirror_load=YES >> /kick/loader conf# vi /etc/fstab (to change all /dev/da0 to /dev/reflect/gm0)bsd1# more /etc/fstab# Device Mountpoint FStype Options cast aside Pass#/dev/mirror/gm0s2b none swap sw 0 0/dev/mirror/gm0s1a / ufs rw 1 1/dev/mirror/gm0s4d /usr ufs rw 2 2/dev/mirror/gm0s3d /var ufs rw 2 2/dev/acd0 /cdrom cd9660 ro,noauto 0 0# rebootAfter reboot you can use dominate 'gmirror status' or 'gmirror enumerate' to check the assail1 status. For adding the second hard disk to raid arrange run# gmirror insert gm0 /dev/da1Compiling kernel to enable carp and pfsync interfacesDuring OS installation we installed kernel developer packages so that we can do kernelcompilation for carp and pfsync later. First of all backup your current original kernel first.# cp -pr /kick/kernel /boot/kernel orignote:After the whole system is stablized you might be to backup the working kernel again# cp -pr /kick/kernel /boot/kernel good# cd /usr/src/sys/i386/conf# cp GENERIC MYKERNEL# vi MYKERNEL (to add the following lines)device pfdevice pfsyncdevice pflogdevice carpnote: you cannot just add 'device pfsync' without adding 'device pf' first. If you be to be able to use ALTQ then the following as come up:options ALTQoptions ALTQ_CBQoptions ALTQ_REDoptions ALTQ_RIOoptions ALTQ_HFSCoptions ALTQ_PRIQoptions ALTQ_NOPCC# cd /usr/src# alter installkernel KERNCONF=MYKERNEL# rebootIn case the new kernel doesn't kick up please have in mind to copy the FreeBSD OS to another firewallshutdown bsd1 firewall put the 2 hard disks to the left schedule on each firewall theninsert empty 2 hard disks to the alter slot on each firewall then run the followingcommands to add the second hard disk to raid1 array# gmirror drop gm0# gmirror insert gm0 /dev/da1say: you must run the first command otherwise you will get error message 'not allhard disks connected'Configuring object and Pfsync on firewall/etc/rc conf on bsd1:gateway="YES"pf_enable="YES"pf_rules="/etc/pf conf"pf_flags=""pflog_enable="YES"pflog_logfile="/var/log/pflog"pflog_flags=""cloned_interfaces="object0 carp1"ifconfig_carp0="vhid 1 pass maxposs a b c.201/28"ifconfig_carp0_alias0="vhid 1 pass maxposs a b c.200/28"ifconfig_object1="vhid 2 go maxposs 10.0.0.1/24"ifconfig_pfsync0="up syncif fxp1"/etc/rc conf on bsd2gateway="YES"pf_enable="YES"pf_rules="/etc/pf conf"pf_flags=""pflog_alter="YES"pflog_logfile="/var/log/pflog"pflog_flags=""cloned_interfaces="object0 object1"ifconfig_object0="vhid 1 advskew 100 go maxposs a b c.201/28"ifconfig_object0_alias0="vhid 1 advskew 100 go maxposs a b c.200/28"ifconfig_object1="vhid 2 advskew 100 go maxposs 10.0.0.1/24"ifconfig_pfsync0="up syncif fxp1"say:1 maxposs is the password must be same for the same vhid (virtual host ID)2 advskew 100 on bsd2 makes the carp advertisement packet less frequent than bsd1 soit will be backup firewall whenever the election happens./etc/sysctl conf on both bsd1 and bsd2add the following linesnet inet tcp blackhole=2net inet udp blackhole=1#if one interface fails then all ordain disappoint overnet inet object acquire=1net inet tcp sendspace=65536net inet tcp recvspace=65536/etc/pf conf on both bsd1 and bsd2int_if="fxp1"ext_if="fxp0"lo_if="lo0"int_network="10.0.0.0/24"web1 = "10.0.0.7/32"web2 = "10.0.0.8/32"int_www = "{ $web1. $web2 }"int_ns = "{ $web1. $web2 }"ext_www = "a b c.201"ext_ns = "a b c.200"ssh_client1 = "x y z.1/32"ssh_client2 = "x y z.2/32"# Normalizationscrub in all# NAT for allnat on $ext_if from $int_communicate to any -> $ext_if# web function rdrrdr on fxp0 proto tcp from any to $ext_www turn 80 -> $int_www round-robinrdr on fxp0 proto tcp from any to $ext_www port 443 -> $int_www round-robin# dns rdrrdr on fxp0 proto udp from any to $ext_ns port 53 -> $int_ns port 53# fail ruleblock in log all# Allow all Loopbackpass quick on $lo_if all# Allow pfsync Updates In/Outpass quick on $int_if proto pfsync act express# accept object Advertisements In/Outpass quick on {$ext_if. $int_if} proto carp keep state# dns incoming trafficpass in log quick on fxp0 proto udp from any to $int_www port = 53 act statepass out quick on fxp1 proto udp from any to $int_www port = 53 act express# dns outgoing trafficpass out log quick on fxp0 proto udp from fxp0 to any turn = 53 keep statepass in quick on fxp1 proto udp from $int_www to any port = 53 keep express# smtp outgoing trafficpass out quick on fxp0 proto tcp from fxp0 to any port = 25 keep statepass in quick on fxp1 proto tcp from $int_www to any port = 25 act express# ssh outgoing trafficpass out quick on fxp0 proto tcp from fxp0 to $ssh_clients turn = 22 keep statepass in quick on fxp1 proto tcp from $int_www to $ssh_clients turn = 22 act express# ntp outgoing trafficpass out quick on fxp0 proto udp from fxp0 to any port = 123 act statepass in quick on fxp1 proto udp from $int_www to any turn = 123 act express# web incoming trafficpass in quick on fxp0 proto tcp from any to $int_www turn {80,443} act statepass out quick on fxp1 proto tcp from any to $int_www port {80,443} keep state

Forex Groups - Tips on Trading

Related article:
http://linuxtechres.blogspot.com/2007/08/carp-pfsync-and-gmirror-for-firewall.html

comments | Add comment | Report as Spam