4. FreeBSD-12.x ipfw 방화벽 설정 > 에필로그

sysrc firewall_enable="YES"
sysrc firewall_type="/etc/ipfw.rules"

ee /etc/ipfw.rules

# DNS Client
add allow udp from me to 네임서버아이피 53
add allow udp from 네임서버아이피 53 to me

# SSH
add allow tcp from any to me 접속포트 setup keep-state

# FTP
add allow tcp from any to me 제어포트 setup keep-state
add allow tcp from any to me 패시브시작포트-패시브끝포트 setup keep-state

# AFP
add allow tcp from any to me 548 setup keep-state

# SMB
add allow tcp from any to any 139,445 setup keep-state
add allow udp from any to any 137,138 keep-state

# HTTP
add allow tcp from any to me 80, 443 setup keep-state

# HLS
#add allow tcp from any to me 8080 setup keep-state

# RTMP
#add allow tcp from any to me 1935 setup keep-state

# Others
add deny all from any to any

service ipfw start

모두 막고 필수 서비스 포트만 오픈하는 경우이다.

필요에 따라 포트를 위처럼 추가한다.

서비스 설치시에는 service ipfw stop 명령으로 중지한다.