| 
Enter the following commands:
# service pflog start
# service pflog stop
# service pflog restart
  
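Step 4: A brief introduction to the pfctl command
You use the pfctl command to view the PF ruleset and parameter configuration, including state information from the packet filter. Let's look at the common commands:
Show PF rule information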
# pfctl -s rules
  
Sample output:
block return in log all
block drop out all
block drop in quick on ! vtnet0 inet from 172.xxx.yyy.zzz/24 to any
block drop in quick inet from 172.xxx.yyy.zzz/24 to any
pass in quick on vtnet0 inet proto tcp from 139.aaa.ccc.ddd to 172.xxx.yyy.zzz/24 port = ssh flags S/SA keep state label "USER_RULE: Allow SSH from 139.aaa.ccc.ddd"
pass inet proto icmp all icmp-type echoreq keep state
pass out quick on vtnet0 proto tcp from any to any port = domain flags S/SA keep state
pass out quick on vtnet0 proto tcp from any to any port = ntp flags S/SA keep state
pass out quick on vtnet0 proto tcp from any to any port = smtp flags S/SA keep state
pass out quick on vtnet0 proto tcp from any to any port = http flags S/SA keep state
pass out quick on vtnet0 proto tcp from any to any port = https flags S/SA keep state
pass out quick on vtnet0 proto tcp from any to any port = ftp flags S/SA keep state
pass out quick on vtnet0 proto tcp from any to any port = ssh flags S/SA keep state
pass out quick on vtnet0 proto udp from any to any port = domain keep state
pass out quick on vtnet0 proto udp from any to any port = ntp keep state
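As an added example (not part of the original article), the sh function below reads the text printed by pfctl -s rules and reports whether a non-quick "block ... all" fallback exists for each direction and which pass rules admit inbound traffic from any source. The name audit_pf_rules and the last sample rule are constructed for illustration; the other sample rules are copied from the output above.

```sh
#!/bin/sh
# Added example: audit the text printed by `pfctl -s rules`.
# On a live host: pfctl -s rules | audit_pf_rules

# Sample rules from the output above; the last rule is constructed.
SAMPLE_RULES='block return in log all
block drop out all
pass in quick on vtnet0 inet proto tcp from 139.aaa.ccc.ddd to 172.xxx.yyy.zzz/24 port = ssh flags S/SA keep state label "USER_RULE: Allow SSH from 139.aaa.ccc.ddd"
pass inet proto icmp all icmp-type echoreq keep state
pass out quick on vtnet0 proto udp from any to any port = ntp keep state
pass in quick on vtnet0 proto tcp from any to any port = http flags S/SA keep state'

audit_pf_rules() {
    awk '
    {
        dir = ""; quick = 0; isall = 0; src = ""
        for (i = 2; i <= NF; i++) {
            if ($i == "label") break          # skip the free-text label
            if (dir == "" && ($i == "in" || $i == "out")) dir = $i
            if ($i == "quick") quick = 1
            if ($i == "all") { isall = 1; src = "any" }
            if ($i == "from" && src == "") src = $(i + 1)
        }
        # A non-quick "block ... all" applies when no later rule matches.
        if ($1 == "block" && isall && !quick) {
            if (dir != "out") deny_in = 1
            if (dir != "in") deny_out = 1
        }
        # A pass rule without "out" also applies to inbound packets.
        if ($1 == "pass" && dir != "out" && src == "any") {
            open++
            print "OPEN_IN: " $0
        }
    }
    END {
        print "DEFAULT_DENY_IN=" (deny_in ? "yes" : "no")
        print "DEFAULT_DENY_OUT=" (deny_out ? "yes" : "no")
        print "OPEN_IN_RULES=" (open + 0)
    }'
}

printf '%s\n' "$SAMPLE_RULES" | audit_pf_rules
```

Each OPEN_IN line is a rule to review against the services the host is meant to expose; in the sample these are the ICMP echo rule and the constructed HTTP rule.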
  
Show the details of each rule
# pfctl -v -s rules
  
Add rule numbers to the detailed output of each rule:
# pfctl -vvsr
  
Show state information
# pfctl -s state
# pfctl -s state | more
# pfctl -s state | grep 'something'
  
How to disable PF from the command line
# pfctl -d
  
How to enable PF from the command line
# pfctl -e
  
How to flush PF rules/NAT/tables from the command line
# pfctl -F all
  
Sample output:
rules cleared
nat cleared
0 tables deleted.
2 states cleared
source tracking entries cleared
pf: statistics cleared
pf: interface flags reset
  
How to flush only the PF rules from the command line
# pfctl -F rules
  
How to flush only the queues from the command line
# pfctl -F queue
  
How to flush the statistics from the command line (those that are not part of any rule)
# pfctl -F info
  
How to clear all counters from the command line
# pfctl -z
  
Step 5: Viewing the PF logs
(Editor: 泰州站长网)
                     |