Здравствуйте.
Написал конфиг для закрытия некоторых портов. Но столкнулся с проблемой...порты 25 и 110 не закрываются - почта как ходила, так и ходит.
Все остальные порты закрываются нормально. Подскажите, плиз...что может быть не так? .Браузер перегружал, конфиг менять пробовал. Может проблема с check-state и keep-state? Прилагаю содержимое файла rc.fw
#!/bin/sh
#
#
cmd="./ipfw add"
# First flush the firewall rules
./ipfw -q -f flush
#Localhost rules
$cmd 100 pass all from any to any via lo*
# Prevent any traffic to 127.0.0.1, common in localhost spoofing
#$cmd 110 deny log all from any to 127.0.0.0/8 in
#$cmd 120 deny log all from 127.0.0.0/8 to any in
$cmd check-state
$cmd pass all from me to any out keep-state
$cmd count log ip from any to any
#loopback
$cmd allow ip from any to any via lo0
#$cmd deny ip from any to 127.0.0.0/8
#$cmd deny ip from 127.0.0.0/8 to any
#FTP
$cmd allow tcp from any to any 20,21
$cmd allow tcp from any 20,21 to any
#SSH
$cmd allow tcp from any to any 22
$cmd allow tcp from any 22 to any
#DNS
$cmd allow tcp from any to any 53
$cmd allow tcp from any 53 to any
$cmd allow udp from any to any 53
$cmd allow udp from any 53 to any
#VNC
$cmd allow tcp from any to any 5900
$cmd allow tcp from any 5900 to any
$cmd allow udp from any to any 5900
$cmd allow udp from any 5900 to any
$cmd allow tcp from any to any 5800
$cmd allow tcp from any 5800 to any
$cmd allow udp from any to any 5800
$cmd allow udp from any 5800 to any
#Mail
$cmd allow tcp from any to any 25 <------- комментирую эти строки и ничего не происходит
$cmd allow tcp from any 25 to any <-------
$cmd allow tcp from any to any 110 <-------
$cmd allow tcp from any 110 to any <-------
#HTTP
$cmd allow tcp from any to any 80
$cmd allow tcp from any 80 to any
$cmd allow all from any to any out
$cmd allow icmp from any to any in icmptype 0,3,5,8,11
$cmd 65534 deny all from any to any
