Unix pfctl-允许从特定IP进行ssh连接,并阻止其他所有人
我正在Mac OS X上使用pfctl,我正在尝试为所有ip制定阻止SSH的策略/锚定,但不针对特定ip。我尝试:Unix pfctl-允许从特定IP进行ssh连接,并阻止其他所有人,unix,bsd,firewall-access,Unix,Bsd,Firewall Access,我正在Mac OS X上使用pfctl,我正在尝试为所有ip制定阻止SSH的策略/锚定,但不针对特定ip。我尝试: pass in on en1 proto tcp from any to any port < 22 flags S/SA pass out on en1 proto tcp from any to any port < 22 flags S/SA pass in on en1 proto tcp from any to any port > 22 flags
pass in on en1 proto tcp from any to any port < 22 flags S/SA
pass out on en1 proto tcp from any to any port < 22 flags S/SA
pass in on en1 proto tcp from any to any port > 22 flags S/SA
pass out on en1 proto tcp from any to any port > 22 flags S/SA
block in on en1 proto tcp from any to any port 22
block out on en1 proto tcp from any to any port 22
将en1协议tcp从任何端口传入任何端口<22标志S/SA
在en1协议tcp上从任何端口传递到任何端口<22标志S/SA
将en1协议tcp从任何端口传入任何>22标志S/SA的端口
通过en1协议tcp从任意端口发送到任意端口>22标志S/SA
阻止从任意端口到任意端口的en1协议tcp
阻止从任意端口到任意端口的en1协议tcp
但结果是阻塞了端口22上的所有连接。是否存在允许从特定ip进行SSH连接的可能性?或者是一个表,它可以发送一个IP列表,这些IP将通过SSH连接到我的系统上
致以最良好的祝愿