KDE 大佬有话说 :
坛子里有人用freebsd吗?受够linux了
编译安装
linux动不动就是缺少XX运行
编译安装搞头大
包管理的又太老
运行某些软件又要升级内核
打算转freebsd了
zfs快照模式
包管理一流
防火墙比iptables firewall-cmd简单多了
最近再看防火墙
https://docs.freebsd.org/doc/13.0-RELEASE/usr/local/share/doc/freebsd/zh_CN/books/handbook/firewalls-ipfw.html
——————
#!/bin/sh
清除所有
ipfw -q -f flush
允许环回
ipfw -q add 00020 allow all from any to any via lo0
允许ping
ipfw -q add 00030 allow icmp from any to any
允许 tcp 22 80 443 8443 进出
ipfw -q add 00100 allow tcp from any to any 22 setup keep-state
ipfw -q add 00110 allow tcp from any to any 80 setup keep-state
ipfw -q add 00120 allow tcp from any to any 443 setup keep-state
ipfw -q add 00130 allow tcp from any to any 8443 setup keep-state
允许DNS 53解析
ipfw -q add 00200 allow tcp from any to any 53 setup keep-state
ipfw -q add 00210 allow udp from any to any 53 keep-state
允许UDP 4000 5000端口
ipfw -q add 00300 allow udp from any to any 4000 keep-state
ipfw -q add 00310 allow udp from any to any 5000 keep-state