Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/loops/2.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Unix pfctl-允许从特定IP进行ssh连接,并阻止其他所有人_Unix_Bsd_Firewall Access - Fatal编程技术网
Fatal编程技术网
  • unix/
  • Unix pfctl-允许从特定IP进行ssh连接,并阻止其他所有人

Unix pfctl-允许从特定IP进行ssh连接,并阻止其他所有人

unix

Unix pfctl-允许从特定IP进行ssh连接,并阻止其他所有人,unix,bsd,firewall-access,Unix,Bsd,Firewall Access,我正在Mac OS X上使用pfctl,我正在尝试为所有ip制定阻止SSH的策略/锚定,但不针对特定ip。我尝试: pass in on en1 proto tcp from any to any port < 22 flags S/SA pass out on en1 proto tcp from any to any port < 22 flags S/SA pass in on en1 proto tcp from any to any port > 22 flags

我正在Mac OS X上使用pfctl,我正在尝试为所有ip制定阻止SSH的策略/锚定,但不针对特定ip。我尝试:

pass in on en1 proto tcp from any to any port < 22 flags S/SA
pass out on en1 proto tcp from any to any port < 22 flags S/SA
pass in on en1 proto tcp from any to any port > 22  flags S/SA
pass out on en1 proto tcp from any to any port > 22 flags S/SA

block in on en1 proto tcp from any to any port 22 
block out on en1 proto tcp from any to any port 22 

将en1协议tcp从任何端口传入任何端口<22标志S/SA
在en1协议tcp上从任何端口传递到任何端口<22标志S/SA
将en1协议tcp从任何端口传入任何>22标志S/SA的端口
通过en1协议tcp从任意端口发送到任意端口>22标志S/SA
阻止从任意端口到任意端口的en1协议tcp
阻止从任意端口到任意端口的en1协议tcp
但结果是阻塞了端口22上的所有连接。是否存在允许从特定ip进行SSH连接的可能性?或者是一个表,它可以发送一个IP列表,这些IP将通过SSH连接到我的系统上

致以最良好的祝愿