Помогите разобраться с сыкой котарая испl
-
Тоесть если я отключу pptp то у меня всо долно заработать?
-
Отключил pptp, не помлгло все то же самое.
$ netstat -rn Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 217.197.255.32 UGS 0 119152632 ng0 127.0.0.1 127.0.0.1 UH 0 63176 lo0 192.168.200.0/24 link#2 UC 0 0 ste0 192.168.200.1 00:15:17:e5:72:77 UHLW 1 215163027 ste0 1118 192.168.200.104 link#2 UHLW 1 56 ste0 217.197.240.43 lo0 UHS 0 252 lo0 217.197.255.32 217.197.240.43 UH 1 6700 ng0 Internet6: Destination Gateway Flags Netif Expire ::1 ::1 UHL lo0 fe80::%nfe0/64 link#1 UC nfe0 fe80::21d:60ff:fed3:aa04%nfe0 00:1d:60:d3:aa:04 UHL lo0 fe80::%ste0/64 link#2 UC ste0 fe80::22cf:30ff:feb6:c1b1%ste0 20:cf:30:b6:c1:b1 UHL lo0 fe80::%lo0/64 fe80::1%lo0 U lo0 fe80::1%lo0 link#3 UHL lo0 fe80::%ng0/64 link#7 UC ng0 fe80::21d:60ff:fed3:aa04%ng0 link#7 UHL lo0 ff01:1::/32 link#1 UC nfe0 ff01:2::/32 link#2 UC ste0 ff01:3::/32 ::1 UC lo0 ff01:7::/32 link#7 UC ng0 ff02::%nfe0/32 link#1 UC nfe0 ff02::%ste0/32 link#2 UC ste0 ff02::%lo0/32 ::1 UC lo0 ff02::%ng0/32 link#7 UC ng0$ ifconfig nfe0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 options=14b <rxcsum,txcsum,vlan_mtu,polling,tso4>ether 00:1d:60:d3:aa:04 inet6 fe80::21d:60ff:fed3:aa04%nfe0 prefixlen 64 scopeid 0x1 media: Ethernet autoselect (100baseTX <full-duplex>) status: active ste0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 options=48 <vlan_mtu,polling>ether 20:cf:30:b6:c1:b1 inet 192.168.200.254 netmask 0xffffff00 broadcast 192.168.200.255 inet6 fe80::22cf:30ff:feb6:c1b1%ste0 prefixlen 64 scopeid 0x2 media: Ethernet autoselect (100baseTX <full-duplex>) status: active lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384 inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 enc0: flags=0<> metric 0 mtu 1536 pflog0: flags=100 <promisc>metric 0 mtu 33204 pfsync0: flags=41 <up,running>metric 0 mtu 1460 pfsync: syncdev: lo0 syncpeer: 224.0.0.240 maxupd: 128 ng0: flags=88d1 <up,pointopoint,running,noarp,simplex,multicast>metric 0 mtu 1492 inet6 fe80::21d:60ff:fed3:aa04%ng0 prefixlen 64 scopeid 0x7 inet 217.197.240.43 --> 217.197.255.32 netmask 0xffffffff</up,pointopoint,running,noarp,simplex,multicast></up,running></promisc></up,loopback,running,multicast></full-duplex></vlan_mtu,polling></up,broadcast,running,simplex,multicast></full-duplex></rxcsum,txcsum,vlan_mtu,polling,tso4></up,broadcast,running,simplex,multicast>Dec 10 08:42:47 check_reload_status: starting sshd Dec 10 08:42:48 sshd[2256]: Received signal 15; terminating. Dec 10 08:42:48 sshd[52354]: Server listening on :: port 22. Dec 10 08:42:48 sshd[52354]: Server listening on 0.0.0.0 port 22. Dec 10 08:43:49 mpd: mpd: caught fatal signal term Dec 10 08:43:49 mpd: [pt0] IPCP: Down event Dec 10 08:43:49 mpd: [pt0] IFACE: Close event Dec 10 08:43:49 mpd: [pt1] IPCP: Down event Dec 10 08:43:49 mpd: [pt1] IFACE: Close event Dec 10 08:43:49 mpd: [pt2] IPCP: Down event Dec 10 08:43:49 mpd: [pt2] IFACE: Close event Dec 10 08:43:49 mpd: [pt3] IPCP: Down event Dec 10 08:43:49 mpd: [pt3] IFACE: Close event Dec 10 08:43:49 mpd: [pt4] IPCP: Down event Dec 10 08:43:49 mpd: [pt4] IFACE: Close event Dec 10 08:43:49 mpd: [pt5] IPCP: Down event Dec 10 08:43:49 mpd: [pt5] IFACE: Close event Dec 10 08:43:49 mpd: [pt6] IPCP: Down event Dec 10 08:43:49 mpd: [pt6] IFACE: Close event Dec 10 08:43:49 mpd: [pt7] IPCP: Down event Dec 10 08:43:49 mpd: [pt7] IFACE: Close event Dec 10 08:43:49 mpd: [pt8] IPCP: Down event Dec 10 08:43:49 mpd: [pt8] IFACE: Close event Dec 10 08:43:49 mpd: [pt9] IPCP: Down event Dec 10 08:43:49 mpd: [pt9] IFACE: Close event Dec 10 08:43:49 mpd: [pt10] IPCP: Down event Dec 10 08:43:49 mpd: [pt10] IFACE: Close event Dec 10 08:43:49 mpd: [pt11] IPCP: Down event Dec 10 08:43:49 mpd: [pt11] IFACE: Close event Dec 10 08:43:49 mpd: [pt12] IPCP: Down event Dec 10 08:43:49 mpd: [pt12] IFACE: Close event Dec 10 08:43:49 mpd: [pt13] IPCP: Down event Dec 10 08:43:49 mpd: [pt13] IFACE: Close event Dec 10 08:43:49 mpd: [pt14] IPCP: Down event Dec 10 08:43:49 mpd: [pt14] IFACE: Close event Dec 10 08:43:49 mpd: [pt15] IPCP: Down event Dec 10 08:43:49 mpd: [pt15] IFACE: Close event Dec 10 08:43:51 mpd: mpd: process 10295 terminated Dec 10 08:43:52 php: /vpn_pptp.php: Could not kill mpd within 3 seconds. Trying again. Dec 10 08:43:53 check_reload_status: reloading filter Dec 10 08:48:20 check_reload_status: reloading filter Dec 10 08:48:21 check_reload_status: starting sshd Dec 10 08:48:22 sshd[52354]: Received signal 15; terminating. Dec 10 08:48:22 sshd[54653]: Server listening on :: port 22. Dec 10 08:48:22 sshd[54653]: Server listening on 0.0.0.0 port 22. Dec 10 08:50:27 check_reload_status: reloading filter Dec 10 08:50:29 check_reload_status: starting sshd Dec 10 08:50:30 sshd[54653]: Received signal 15; terminating. Dec 10 08:50:30 sshd[55177]: Server listening on :: port 22. Dec 10 08:50:30 sshd[55177]: Server listening on 0.0.0.0 port 22.При отключеном pptp, все тоже самое, ни локалки, ни инета :'(
-
Сейчас всё правильно, как проверяешь локалку и интернет?
-
дык у тебя pptp-сервер запущен на pfSense, он никогда (ну хорошо - врядли) не будет работать вместе с pptp на WAN
все отлично работало.. вот только не помню коннекты были на pptp адрес или на серый
-
Я понять ничего не могу, Вы говорите что все нормально. Но когда я снимаю галочку с Disable NAT Reflection, у меня вообще все отваливается и локалка не работает и инет. :'( Я не понимаю в чем дело. Все настроил, все работает. Но вот локальные ресурсу никак. может Вам сбросить status.php? Там полная картина конфига.
-
как проверяешь локалку и интернет?
-
параметры сети
192.168.200.0/24
гейт 192.168.200.254 (Онже и pfSense)
DNS 192.168.200.1Захожу на 192.168.200.254
System: Advanced functions - Снимаю галочку с "Disable NAT Reflection", кликаю на "Save"
Захжу на комп с IP 192.168.200.145. Пытаюсь зайти на www.yandex.ru. Ничего он просто долго тупит…. Но так и не открывает сайт. Пытаюсьзайти на локальные ресурсы. Тоже самое, долго тупит, но страницу в этоге так и не открывает.Снимаю галочку на "Disable NAT Reflection" кликаю на "Save", интернет тут же появляются, локальные ресурсы все так же не отображаются.
Вто то что я делаю.
Я тут одному знакомому форумчанениу, который настраивал уже у себя этого зверька закинул свой конфиг на анализ status.php. И вот что получил в ответБегло пробежался. На сколько я понял, инет идёт через pppoe. Получается три интерфейса: локалка своя, локалка провайдера и виртуальный интерфейс с инетом. А в конфиге только два. Это уже наводит на мысли.
Кстати, может по этому rip так у мея и не заработал….
-
скинь мне```
ifconfig
netstat -rn
pfctl -sr
pfctl -snдля двух случаев: 1) когда disable nat reflection галка стоит 2) галка убрана. -
Когда галочка стоит
$ ifconfig nfe0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 options=14b <rxcsum,txcsum,vlan_mtu,polling,tso4>ether 00:1d:60:d3:aa:04 inet6 fe80::21d:60ff:fed3:aa04%nfe0 prefixlen 64 scopeid 0x1 media: Ethernet autoselect (100baseTX <full-duplex>) status: active ste0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 options=48 <vlan_mtu,polling>ether 20:cf:30:b6:c1:b1 inet6 fe80::22cf:30ff:feb6:c1b1%ste0 prefixlen 64 scopeid 0x2 inet 192.168.200.254 netmask 0xffffff00 broadcast 192.168.200.255 media: Ethernet autoselect (100baseTX <full-duplex>) status: active lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384 inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 enc0: flags=0<> metric 0 mtu 1536 pflog0: flags=100 <promisc>metric 0 mtu 33204 pfsync0: flags=41 <up,running>metric 0 mtu 1460 pfsync: syncdev: lo0 syncpeer: 224.0.0.240 maxupd: 128 ng0: flags=88d1 <up,pointopoint,running,noarp,simplex,multicast>metric 0 mtu 1492 inet6 fe80::21d:60ff:fed3:aa04%ng0 prefixlen 64 scopeid 0x7 inet 217.197.240.43 --> 217.197.255.32 netmask 0xffffffff</up,pointopoint,running,noarp,simplex,multicast></up,running></promisc></up,loopback,running,multicast></full-duplex></vlan_mtu,polling></up,broadcast,running,simplex,multicast></full-duplex></rxcsum,txcsum,vlan_mtu,polling,tso4></up,broadcast,running,simplex,multicast>$ netstat -rn Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 217.197.255.32 UGS 0 61336831 ng0 127.0.0.1 127.0.0.1 UH 0 133499 lo0 192.168.200.0/24 link#2 UC 0 0 ste0 192.168.200.1 00:15:17:e5:72:77 UHLW 1 189537540 ste0 730 192.168.200.105 00:13:e8:9b:b2:15 UHLW 1 4121 ste0 752 217.197.240.43 lo0 UHS 0 0 lo0 217.197.255.32 217.197.240.43 UH 1 1485 ng0 Internet6: Destination Gateway Flags Netif Expire ::1 ::1 UHL lo0 fe80::%nfe0/64 link#1 UC nfe0 fe80::21d:60ff:fed3:aa04%nfe0 00:1d:60:d3:aa:04 UHL lo0 fe80::%ste0/64 link#2 UC ste0 fe80::22cf:30ff:feb6:c1b1%ste0 20:cf:30:b6:c1:b1 UHL lo0 fe80::%lo0/64 fe80::1%lo0 U lo0 fe80::1%lo0 link#3 UHL lo0 fe80::%ng0/64 link#7 UC ng0 fe80::21d:60ff:fed3:aa04%ng0 link#7 UHL lo0 ff01:1::/32 link#1 UC nfe0 ff01:2::/32 link#2 UC ste0 ff01:3::/32 ::1 UC lo0 ff01:7::/32 link#7 UC ng0 ff02::%nfe0/32 link#1 UC nfe0 ff02::%ste0/32 link#2 UC ste0 ff02::%lo0/32 ::1 UC lo0 ff02::%ng0/32 link#7 UC ng0$ pfctl -sr scrub all random-id max-mss 1452 fragment reassemble anchor "ftpsesame/*" all anchor "firewallrules" all block drop quick proto tcp from any port = 0 to any block drop quick proto udp from any port = 0 to any block drop quick proto tcp from any to any port = 0 block drop quick proto udp from any to any port = 0 block drop quick from <snort2c> to any label "Block snort2c hosts" block drop quick from any to <snort2c> label "Block snort2c hosts" anchor "loopback" all pass in quick on lo0 all flags S/SA keep state label "pass loopback" pass out quick on lo0 all flags S/SA keep state label "pass loopback" anchor "packageearly" all anchor "carp" all pass quick inet proto icmp from 217.197.240.43 to any keep state anchor "dhcpserverlan" all pass in quick on ste0 inet proto udp from any port = bootpc to 255.255.255.255 port = bootps keep state label "allow access to DHCP server on LAN" pass in quick on ste0 inet proto udp from any port = bootpc to 192.168.200.254 port = bootps keep state label "allow access to DHCP server on LAN" pass out quick on ste0 inet proto udp from 192.168.200.254 port = bootps to any port = bootpc keep state label "allow access to DHCP server on LAN" block drop in log quick on nfe0 inet proto udp from any port = bootps to 192.168.200.0/24 port = bootpc label "block dhcp client out wan" block drop in log quick on ng0 inet proto udp from any port = bootps to 192.168.200.0/24 port = bootpc label "block dhcp client out wan" pass in quick on nfe0 proto udp from any port = bootps to any port = bootpc keep state label "allow dhcp client out wan" pass in quick on ng0 proto udp from any port = bootps to any port = bootpc keep state label "allow dhcp client out wan" block drop in on ! ste0 inet from 192.168.200.0/24 to any block drop in on ste0 inet6 from fe80::22cf:30ff:feb6:c1b1 to any block drop in inet from 192.168.200.254 to any anchor "spoofing" all anchor "limitingesr" all block drop in quick from <virusprot> to any label "virusprot overload table" pass out quick on ste0 proto icmp all keep state label "let out anything from firewall host itself" pass out quick on nfe0 proto icmp all keep state label "let out anything from firewall host itself" pass out quick on ng0 proto icmp all keep state label "let out anything from firewall host itself" pass out quick on ng0 all flags S/SA keep state allow-opts label "let out anything from firewall host itself" anchor "firewallout" all pass out quick on nfe0 all flags S/SA keep state allow-opts label "let out anything from firewall host itself" pass out quick on ng0 all flags S/SA keep state allow-opts label "let out anything from firewall host itself" pass out quick on ste0 all flags S/SA keep state allow-opts label "let out anything from firewall host itself" pass out quick on enc0 all flags S/SA keep state label "IPSEC internal host to host" pass out quick on ng0 proto icmp all keep state label "let out anything from firewall host itself" anchor "anti-lockout" all pass in quick on ste0 inet from any to 192.168.200.254 flags S/SA keep state label "anti-lockout web rule" block drop in log proto tcp from <sshlockout> to any port = ssh label "sshlockout" anchor "ftpproxy" all anchor "pftpx/*" all pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = http flags S/SA keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = http keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = http flags S/SA keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = http keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto icmp all keep state label "USER_RULE" pass in quick on ng0 inet proto icmp all keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27015 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27015 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27015 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27015 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27010 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27010 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27010 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27010 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27011 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27011 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27011 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27011 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27040 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27040 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27040 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27040 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27025 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27025 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27025 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27025 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = afs3-prserver flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = afs3-prserver keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = afs3-prserver flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = afs3-prserver keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 6003 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 6003 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 6003 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 6003 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27016 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27016 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27016 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27016 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27960 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27960 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27960 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27960 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27017 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27017 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27017 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27017 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27018 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27018 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27018 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27018 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27030 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27030 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27030 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27030 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27019 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27019 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27019 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27019 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27020 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27020 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27020 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27020 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27021 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27021 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27021 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27021 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27031 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27031 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27031 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27031 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27022 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27022 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27022 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27022 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 52001 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 52001 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 52001 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 52001 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27032 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27032 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27032 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27032 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27033 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27033 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27033 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27033 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27035 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27035 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27035 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27035 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27036 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27036 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27036 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27036 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27037 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27037 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27037 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27037 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27038 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27038 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27038 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27038 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27039 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27039 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27039 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27039 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27040 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27040 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27040 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27040 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27041 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27041 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27041 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27041 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27042 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27042 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27042 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27042 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27043 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27043 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27043 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27043 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27044 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27044 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27044 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27044 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27045 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27045 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27045 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27045 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27046 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27046 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27046 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27046 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from 89.20.141.32 to 192.168.200.1 port = ssh flags S/SA keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto udp from 89.20.141.32 to 192.168.200.1 port = ssh keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto tcp from 89.20.141.32 to 192.168.200.1 port = ssh flags S/SA keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto udp from 89.20.141.32 to 192.168.200.1 port = ssh keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 10000 flags S/SA keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 10000 keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 10000 flags S/SA keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 10000 keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27047 flags S/SA keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27047 keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27047 flags S/SA keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27047 keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27048 flags S/SA keep state label "USER_RULE: NAT Virtual_Server_CS_27048" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27048 keep state label "USER_RULE: NAT Virtual_Server_CS_27048" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27048 flags S/SA keep state label "USER_RULE: NAT Virtual_Server_CS_27048" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27048 keep state label "USER_RULE: NAT Virtual_Server_CS_27048" pass in quick on ste0 inet from 192.168.200.0/24 to any flags S/SA keep state label "USER_RULE: Default LAN -> any" pass in quick on ste0 inet proto tcp from 192.168.200.0/24 to 127.0.0.1 port 7999 >< 8031 flags S/SA keep state label "USER_RULE: FTP-LAN-INNET" pass in quick on ste0 inet proto udp from 192.168.200.0/24 to 127.0.0.1 port 7999 >< 8031 keep state label "USER_RULE: FTP-LAN-INNET" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = ftp flags S/SA keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = ftp keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = ftp flags S/SA keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = ftp keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto tcp from any to 217.197.240.43 port = ftp flags S/SA keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto udp from any to 217.197.240.43 port = ftp keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto tcp from any to 217.197.240.43 port = ftp flags S/SA keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto udp from any to 217.197.240.43 port = ftp keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = ftp-data flags S/SA keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = ftp-data keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = ftp-data flags S/SA keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = ftp-data keep state label "USER_RULE: NAT " pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = ftp-proxy flags S/SA keep state label "FTP PROXY: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = ftp flags S/SA keep state label "FTP PROXY: Allow traffic to localhost" pass in quick on ng0 inet proto tcp from any port = ftp-data to (ng0) port > 49000 flags S/SA keep state label "FTP PROXY: PASV mode data connection" pass in quick on ng0 inet proto tcp from any to (ng0) port > 49000 flags S/SA keep state label "FTP PROXY: RFC959 violation workaround" anchor "imspector" all anchor "miniupnpd" all block drop in log quick all label "Default block all just to be sure." block drop out log quick all label "Default block all just to be sure."</sshlockout></virusprot></snort2c></snort2c>$ pfctl -sn nat-anchor "pftpx/*" all nat-anchor "natearly/*" all nat-anchor "natrules/*" all nat on nfe0 inet from 192.168.200.0/24 port = isakmp to any port = isakmp -> (ng0) port 500 round-robin nat on ng0 inet from 192.168.200.0/24 port = isakmp to any port = isakmp -> (ng0) port 500 round-robin nat on nfe0 inet from 192.168.200.0/24 port = 5060 to any port = 5060 -> (ng0) port 5060 round-robin nat on ng0 inet from 192.168.200.0/24 port = 5060 to any port = 5060 -> (ng0) port 5060 round-robin nat on nfe0 inet from 192.168.200.0/24 to any -> (ng0) round-robin nat on ng0 inet from 192.168.200.0/24 to any -> (ng0) round-robin rdr-anchor "pftpx/*" all rdr-anchor "slb" all no rdr on ste0 proto tcp from any to <vpns> port = ftp rdr on ste0 inet proto tcp from any to any port = ftp -> 127.0.0.1 port 8021 rdr on ng0 inet proto tcp from any to any port = http -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = http -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 27015 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27015 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 27010 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27010 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 27011 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 27040 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27040 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 27025 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27025 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = afs3-prserver -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = afs3-prserver -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 6003 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 6003 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 27016 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27016 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to 217.197.240.43 port = 27960 -> 192.168.200.1 rdr on ng0 inet proto udp from any to 217.197.240.43 port = 27960 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 27017 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27017 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 27018 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27018 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 27019 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27019 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 27020 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27020 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 27030 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27030 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 27021 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27021 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 27031 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27031 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 27022 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27022 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 52001 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 52001 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 27032 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27032 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 27033 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27033 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 27035 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27035 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 27036 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27036 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 27037 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27037 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 27038 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27038 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 27039 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27039 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 27041 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27041 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 27042 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27042 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 27043 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27043 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 27044 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27044 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 27045 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27045 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 27046 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27046 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 27047 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27047 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 27048 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27048 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = ssh -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = ssh -> 192.168.200.1 rdr on ng0 inet proto tcp from any to any port = 10000 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 10000 -> 192.168.200.1 rdr on ng0 inet proto tcp from any to 217.197.240.43 port = ftp-data -> 192.168.200.1 rdr on ng0 inet proto udp from any to 217.197.240.43 port = ftp-data -> 192.168.200.1 rdr-anchor "imspector" all rdr-anchor "miniupnpd" all rdr on ste0 inet proto tcp from any to (ste0) port = 3128 -> 127.0.0.1 port 3128 rdr on ng0 inet proto tcp from any to (ng0) port = 3128 -> 127.0.0.1 port 3128</vpns> -
Когда галочка снята
$ ifconfig nfe0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 options=14b <rxcsum,txcsum,vlan_mtu,polling,tso4>ether 00:1d:60:d3:aa:04 inet6 fe80::21d:60ff:fed3:aa04%nfe0 prefixlen 64 scopeid 0x1 media: Ethernet autoselect (100baseTX <full-duplex>) status: active ste0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 options=48 <vlan_mtu,polling>ether 20:cf:30:b6:c1:b1 inet6 fe80::22cf:30ff:feb6:c1b1%ste0 prefixlen 64 scopeid 0x2 inet 192.168.200.254 netmask 0xffffff00 broadcast 192.168.200.255 media: Ethernet autoselect (100baseTX <full-duplex>) status: active lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384 inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 enc0: flags=0<> metric 0 mtu 1536 pflog0: flags=100 <promisc>metric 0 mtu 33204 pfsync0: flags=41 <up,running>metric 0 mtu 1460 pfsync: syncdev: lo0 syncpeer: 224.0.0.240 maxupd: 128 ng0: flags=88d1 <up,pointopoint,running,noarp,simplex,multicast>metric 0 mtu 1492 inet6 fe80::21d:60ff:fed3:aa04%ng0 prefixlen 64 scopeid 0x7 inet 217.197.240.43 --> 217.197.255.32 netmask 0xffffffff</up,pointopoint,running,noarp,simplex,multicast></up,running></promisc></up,loopback,running,multicast></full-duplex></vlan_mtu,polling></up,broadcast,running,simplex,multicast></full-duplex></rxcsum,txcsum,vlan_mtu,polling,tso4></up,broadcast,running,simplex,multicast>$ netstat -rn Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 217.197.255.32 UGS 0 62701504 ng0 127.0.0.1 127.0.0.1 UH 0 133499 lo0 192.168.200.0/24 link#2 UC 0 0 ste0 192.168.200.1 00:15:17:e5:72:77 UHLW 1 190708362 ste0 330 192.168.200.105 00:13:e8:9b:b2:15 UHLW 1 4968 ste0 352 217.197.240.43 lo0 UHS 0 0 lo0 217.197.255.32 217.197.240.43 UH 1 1520 ng0 Internet6: Destination Gateway Flags Netif Expire ::1 ::1 UHL lo0 fe80::%nfe0/64 link#1 UC nfe0 fe80::21d:60ff:fed3:aa04%nfe0 00:1d:60:d3:aa:04 UHL lo0 fe80::%ste0/64 link#2 UC ste0 fe80::22cf:30ff:feb6:c1b1%ste0 20:cf:30:b6:c1:b1 UHL lo0 fe80::%lo0/64 fe80::1%lo0 U lo0 fe80::1%lo0 link#3 UHL lo0 fe80::%ng0/64 link#7 UC ng0 fe80::21d:60ff:fed3:aa04%ng0 link#7 UHL lo0 ff01:1::/32 link#1 UC nfe0 ff01:2::/32 link#2 UC ste0 ff01:3::/32 ::1 UC lo0 ff01:7::/32 link#7 UC ng0 ff02::%nfe0/32 link#1 UC nfe0 ff02::%ste0/32 link#2 UC ste0 ff02::%lo0/32 ::1 UC lo0 ff02::%ng0/32 link#7 UC ng0$ pfctl -sr scrub all random-id max-mss 1452 fragment reassemble anchor "ftpsesame/*" all anchor "firewallrules" all block drop quick proto tcp from any port = 0 to any block drop quick proto udp from any port = 0 to any block drop quick proto tcp from any to any port = 0 block drop quick proto udp from any to any port = 0 block drop quick from <snort2c> to any label "Block snort2c hosts" block drop quick from any to <snort2c> label "Block snort2c hosts" anchor "loopback" all pass in quick on lo0 all flags S/SA keep state label "pass loopback" pass out quick on lo0 all flags S/SA keep state label "pass loopback" anchor "packageearly" all anchor "carp" all pass quick inet proto icmp from 217.197.240.43 to any keep state pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19000 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19001 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19002 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19003 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19004 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19005 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19006 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19007 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19008 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19009 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19010 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19011 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19012 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19013 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19014 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19015 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19016 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19017 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19018 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19019 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19020 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19021 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19022 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19023 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19024 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19025 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19026 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19027 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19028 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19029 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19030 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19031 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19032 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19033 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19034 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19035 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19036 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19037 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19038 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19039 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19040 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19041 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19042 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19043 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19044 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19045 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19046 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19047 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19048 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19049 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19050 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19051 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19052 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19053 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19054 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19055 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19056 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19057 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19058 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19059 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19060 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19061 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19062 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19063 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19064 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19065 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19066 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19067 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19068 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19069 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19070 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19071 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19072 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19073 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19074 keep state label "NAT REFLECT: Allow traffic to localhost" anchor "dhcpserverlan" all pass in quick on ste0 inet proto udp from any port = bootpc to 255.255.255.255 port = bootps keep state label "allow access to DHCP server on LAN" pass in quick on ste0 inet proto udp from any port = bootpc to 192.168.200.254 port = bootps keep state label "allow access to DHCP server on LAN" pass out quick on ste0 inet proto udp from 192.168.200.254 port = bootps to any port = bootpc keep state label "allow access to DHCP server on LAN" block drop in log quick on nfe0 inet proto udp from any port = bootps to 192.168.200.0/24 port = bootpc label "block dhcp client out wan" block drop in log quick on ng0 inet proto udp from any port = bootps to 192.168.200.0/24 port = bootpc label "block dhcp client out wan" pass in quick on nfe0 proto udp from any port = bootps to any port = bootpc keep state label "allow dhcp client out wan" pass in quick on ng0 proto udp from any port = bootps to any port = bootpc keep state label "allow dhcp client out wan" block drop in on ! ste0 inet from 192.168.200.0/24 to any block drop in on ste0 inet6 from fe80::22cf:30ff:feb6:c1b1 to any block drop in inet from 192.168.200.254 to any anchor "spoofing" all anchor "limitingesr" all block drop in quick from <virusprot> to any label "virusprot overload table" pass out quick on ste0 proto icmp all keep state label "let out anything from firewall host itself" pass out quick on nfe0 proto icmp all keep state label "let out anything from firewall host itself" pass out quick on ng0 proto icmp all keep state label "let out anything from firewall host itself" pass out quick on ng0 all flags S/SA keep state allow-opts label "let out anything from firewall host itself" anchor "firewallout" all pass out quick on nfe0 all flags S/SA keep state allow-opts label "let out anything from firewall host itself" pass out quick on ng0 all flags S/SA keep state allow-opts label "let out anything from firewall host itself" pass out quick on ste0 all flags S/SA keep state allow-opts label "let out anything from firewall host itself" pass out quick on enc0 all flags S/SA keep state label "IPSEC internal host to host" pass out quick on ng0 proto icmp all keep state label "let out anything from firewall host itself" anchor "anti-lockout" all pass in quick on ste0 inet from any to 192.168.200.254 flags S/SA keep state label "anti-lockout web rule" block drop in log proto tcp from <sshlockout> to any port = ssh label "sshlockout" anchor "ftpproxy" all anchor "pftpx/*" all pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = http flags S/SA keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = http keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = http flags S/SA keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = http keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto icmp all keep state label "USER_RULE" pass in quick on ng0 inet proto icmp all keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27015 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27015 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27015 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27015 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27010 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27010 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27010 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27010 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27011 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27011 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27011 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27011 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27040 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27040 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27040 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27040 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27025 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27025 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27025 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27025 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = afs3-prserver flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = afs3-prserver keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = afs3-prserver flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = afs3-prserver keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 6003 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 6003 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 6003 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 6003 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27016 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27016 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27016 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27016 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27960 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27960 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27960 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27960 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27017 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27017 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27017 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27017 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27018 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27018 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27018 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27018 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27030 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27030 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27030 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27030 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27019 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27019 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27019 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27019 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27020 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27020 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27020 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27020 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27021 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27021 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27021 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27021 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27031 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27031 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27031 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27031 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27022 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27022 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27022 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27022 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 52001 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 52001 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 52001 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 52001 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27032 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27032 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27032 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27032 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27033 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27033 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27033 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27033 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27035 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27035 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27035 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27035 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27036 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27036 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27036 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27036 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27037 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27037 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27037 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27037 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27038 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27038 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27038 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27038 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27039 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27039 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27039 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27039 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27040 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27040 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27040 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27040 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27041 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27041 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27041 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27041 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27042 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27042 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27042 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27042 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27043 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27043 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27043 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27043 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27044 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27044 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27044 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27044 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27045 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27045 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27045 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27045 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27046 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27046 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27046 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27046 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from 89.20.141.32 to 192.168.200.1 port = ssh flags S/SA keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto udp from 89.20.141.32 to 192.168.200.1 port = ssh keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto tcp from 89.20.141.32 to 192.168.200.1 port = ssh flags S/SA keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto udp from 89.20.141.32 to 192.168.200.1 port = ssh keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 10000 flags S/SA keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 10000 keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 10000 flags S/SA keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 10000 keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27047 flags S/SA keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27047 keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27047 flags S/SA keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27047 keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27048 flags S/SA keep state label "USER_RULE: NAT Virtual_Server_CS_27048" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27048 keep state label "USER_RULE: NAT Virtual_Server_CS_27048" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27048 flags S/SA keep state label "USER_RULE: NAT Virtual_Server_CS_27048" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27048 keep state label "USER_RULE: NAT Virtual_Server_CS_27048" pass in quick on ste0 inet from 192.168.200.0/24 to any flags S/SA keep state label "USER_RULE: Default LAN -> any" pass in quick on ste0 inet proto tcp from 192.168.200.0/24 to 127.0.0.1 port 7999 >< 8031 flags S/SA keep state label "USER_RULE: FTP-LAN-INNET" pass in quick on ste0 inet proto udp from 192.168.200.0/24 to 127.0.0.1 port 7999 >< 8031 keep state label "USER_RULE: FTP-LAN-INNET" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = ftp flags S/SA keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = ftp keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = ftp flags S/SA keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = ftp keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto tcp from any to 217.197.240.43 port = ftp flags S/SA keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto udp from any to 217.197.240.43 port = ftp keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto tcp from any to 217.197.240.43 port = ftp flags S/SA keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto udp from any to 217.197.240.43 port = ftp keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = ftp-data flags S/SA keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = ftp-data keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = ftp-data flags S/SA keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = ftp-data keep state label "USER_RULE: NAT " pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = ftp-proxy flags S/SA keep state label "FTP PROXY: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = ftp flags S/SA keep state label "FTP PROXY: Allow traffic to localhost" pass in quick on ng0 inet proto tcp from any port = ftp-data to (ng0) port > 49000 flags S/SA keep state label "FTP PROXY: PASV mode data connection" pass in quick on ng0 inet proto tcp from any to (ng0) port > 49000 flags S/SA keep state label "FTP PROXY: RFC959 violation workaround" anchor "imspector" all anchor "miniupnpd" all block drop in log quick all label "Default block all just to be sure." block drop out log quick all label "Default block all just to be sure."</sshlockout></virusprot></snort2c></snort2c>$ pfctl -sn nat-anchor "pftpx/*" all nat-anchor "natearly/*" all nat-anchor "natrules/*" all nat on nfe0 inet from 192.168.200.0/24 port = isakmp to any port = isakmp -> (ng0) port 500 round-robin nat on ng0 inet from 192.168.200.0/24 port = isakmp to any port = isakmp -> (ng0) port 500 round-robin nat on nfe0 inet from 192.168.200.0/24 port = 5060 to any port = 5060 -> (ng0) port 5060 round-robin nat on ng0 inet from 192.168.200.0/24 port = 5060 to any port = 5060 -> (ng0) port 5060 round-robin nat on nfe0 inet from 192.168.200.0/24 to any -> (ng0) round-robin nat on ng0 inet from 192.168.200.0/24 to any -> (ng0) round-robin rdr-anchor "pftpx/*" all rdr-anchor "slb" all no rdr on ste0 proto tcp from any to <vpns> port = ftp rdr on ste0 inet proto tcp from any to any port = ftp -> 127.0.0.1 port 8021 rdr on ng0 inet proto tcp from any to any port = http -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = http -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = http -> 127.0.0.1 port 19000 rdr on ste0 inet proto udp from any to any port = http -> 127.0.0.1 port 19001 rdr on ng0 inet proto tcp from any to any port = 27015 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27015 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27015 -> 127.0.0.1 port 19002 rdr on ste0 inet proto udp from any to any port = 27015 -> 127.0.0.1 port 19003 rdr on ng0 inet proto tcp from any to any port = 27010 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27010 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27010 -> 127.0.0.1 port 19004 rdr on ste0 inet proto udp from any to any port = 27010 -> 127.0.0.1 port 19005 rdr on ng0 inet proto tcp from any to any port = 27011 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27011 -> 127.0.0.1 port 19006 rdr on ng0 inet proto tcp from any to any port = 27040 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27040 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27040 -> 127.0.0.1 port 19007 rdr on ste0 inet proto udp from any to any port = 27040 -> 127.0.0.1 port 19008 rdr on ng0 inet proto tcp from any to any port = 27025 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27025 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27025 -> 127.0.0.1 port 19009 rdr on ste0 inet proto udp from any to any port = 27025 -> 127.0.0.1 port 19010 rdr on ng0 inet proto tcp from any to any port = afs3-prserver -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = afs3-prserver -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = afs3-prserver -> 127.0.0.1 port 19011 rdr on ste0 inet proto udp from any to any port = afs3-prserver -> 127.0.0.1 port 19012 rdr on ng0 inet proto tcp from any to any port = 6003 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 6003 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 6003 -> 127.0.0.1 port 19013 rdr on ste0 inet proto udp from any to any port = 6003 -> 127.0.0.1 port 19014 rdr on ng0 inet proto tcp from any to any port = 27016 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27016 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27016 -> 127.0.0.1 port 19015 rdr on ste0 inet proto udp from any to any port = 27016 -> 127.0.0.1 port 19016 rdr on ng0 inet proto tcp from any to 217.197.240.43 port = 27960 -> 192.168.200.1 rdr on ng0 inet proto udp from any to 217.197.240.43 port = 27960 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to 217.197.240.43 port = 27960 -> 127.0.0.1 port 19017 rdr on ste0 inet proto udp from any to 217.197.240.43 port = 27960 -> 127.0.0.1 port 19018 rdr on ng0 inet proto tcp from any to any port = 27017 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27017 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27017 -> 127.0.0.1 port 19019 rdr on ste0 inet proto udp from any to any port = 27017 -> 127.0.0.1 port 19020 rdr on ng0 inet proto tcp from any to any port = 27018 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27018 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27018 -> 127.0.0.1 port 19021 rdr on ste0 inet proto udp from any to any port = 27018 -> 127.0.0.1 port 19022 rdr on ng0 inet proto tcp from any to any port = 27019 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27019 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27019 -> 127.0.0.1 port 19023 rdr on ste0 inet proto udp from any to any port = 27019 -> 127.0.0.1 port 19024 rdr on ng0 inet proto tcp from any to any port = 27020 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27020 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27020 -> 127.0.0.1 port 19025 rdr on ste0 inet proto udp from any to any port = 27020 -> 127.0.0.1 port 19026 rdr on ng0 inet proto tcp from any to any port = 27030 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27030 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27030 -> 127.0.0.1 port 19027 rdr on ste0 inet proto udp from any to any port = 27030 -> 127.0.0.1 port 19028 rdr on ng0 inet proto tcp from any to any port = 27021 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27021 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27021 -> 127.0.0.1 port 19029 rdr on ste0 inet proto udp from any to any port = 27021 -> 127.0.0.1 port 19030 rdr on ng0 inet proto tcp from any to any port = 27031 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27031 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27031 -> 127.0.0.1 port 19031 rdr on ste0 inet proto udp from any to any port = 27031 -> 127.0.0.1 port 19032 rdr on ng0 inet proto tcp from any to any port = 27022 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27022 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27022 -> 127.0.0.1 port 19033 rdr on ste0 inet proto udp from any to any port = 27022 -> 127.0.0.1 port 19034 rdr on ng0 inet proto tcp from any to any port = 52001 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 52001 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 52001 -> 127.0.0.1 port 19035 rdr on ste0 inet proto udp from any to any port = 52001 -> 127.0.0.1 port 19036 rdr on ng0 inet proto tcp from any to any port = 27032 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27032 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27032 -> 127.0.0.1 port 19037 rdr on ste0 inet proto udp from any to any port = 27032 -> 127.0.0.1 port 19038 rdr on ng0 inet proto tcp from any to any port = 27033 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27033 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27033 -> 127.0.0.1 port 19039 rdr on ste0 inet proto udp from any to any port = 27033 -> 127.0.0.1 port 19040 rdr on ng0 inet proto tcp from any to any port = 27035 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27035 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27035 -> 127.0.0.1 port 19041 rdr on ste0 inet proto udp from any to any port = 27035 -> 127.0.0.1 port 19042 rdr on ng0 inet proto tcp from any to any port = 27036 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27036 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27036 -> 127.0.0.1 port 19043 rdr on ste0 inet proto udp from any to any port = 27036 -> 127.0.0.1 port 19044 rdr on ng0 inet proto tcp from any to any port = 27037 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27037 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27037 -> 127.0.0.1 port 19045 rdr on ste0 inet proto udp from any to any port = 27037 -> 127.0.0.1 port 19046 rdr on ng0 inet proto tcp from any to any port = 27038 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27038 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27038 -> 127.0.0.1 port 19047 rdr on ste0 inet proto udp from any to any port = 27038 -> 127.0.0.1 port 19048 rdr on ng0 inet proto tcp from any to any port = 27039 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27039 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27039 -> 127.0.0.1 port 19049 rdr on ste0 inet proto udp from any to any port = 27039 -> 127.0.0.1 port 19050 rdr on ng0 inet proto tcp from any to any port = 27041 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27041 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27041 -> 127.0.0.1 port 19051 rdr on ste0 inet proto udp from any to any port = 27041 -> 127.0.0.1 port 19052 rdr on ng0 inet proto tcp from any to any port = 27042 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27042 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27042 -> 127.0.0.1 port 19053 rdr on ste0 inet proto udp from any to any port = 27042 -> 127.0.0.1 port 19054 rdr on ng0 inet proto tcp from any to any port = 27043 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27043 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27043 -> 127.0.0.1 port 19055 rdr on ste0 inet proto udp from any to any port = 27043 -> 127.0.0.1 port 19056 rdr on ng0 inet proto tcp from any to any port = 27044 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27044 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27044 -> 127.0.0.1 port 19057 rdr on ste0 inet proto udp from any to any port = 27044 -> 127.0.0.1 port 19058 rdr on ng0 inet proto tcp from any to any port = 27045 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27045 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27045 -> 127.0.0.1 port 19059 rdr on ste0 inet proto udp from any to any port = 27045 -> 127.0.0.1 port 19060 rdr on ng0 inet proto tcp from any to any port = 27046 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27046 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27046 -> 127.0.0.1 port 19061 rdr on ste0 inet proto udp from any to any port = 27046 -> 127.0.0.1 port 19062 rdr on ng0 inet proto tcp from any to any port = 27047 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27047 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27047 -> 127.0.0.1 port 19063 rdr on ste0 inet proto udp from any to any port = 27047 -> 127.0.0.1 port 19064 rdr on ng0 inet proto tcp from any to any port = 27048 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27048 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27048 -> 127.0.0.1 port 19065 rdr on ste0 inet proto udp from any to any port = 27048 -> 127.0.0.1 port 19066 rdr on ng0 inet proto tcp from any to any port = ssh -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = ssh -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = ssh -> 127.0.0.1 port 19067 rdr on ste0 inet proto udp from any to any port = ssh -> 127.0.0.1 port 19068 rdr on ng0 inet proto tcp from any to any port = 10000 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 10000 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 10000 -> 127.0.0.1 port 19069 rdr on ste0 inet proto udp from any to any port = 10000 -> 127.0.0.1 port 19070 rdr on ng0 inet proto tcp from any to 217.197.240.43 port = ftp-data -> 192.168.200.1 rdr on ng0 inet proto udp from any to 217.197.240.43 port = ftp-data -> 192.168.200.1 rdr on ste0 inet proto tcp from any to 217.197.240.43 port = ftp-data -> 127.0.0.1 port 19071 rdr on ste0 inet proto udp from any to 217.197.240.43 port = ftp-data -> 127.0.0.1 port 19072 rdr-anchor "imspector" all rdr-anchor "miniupnpd" all rdr on ste0 inet proto tcp from any to (ste0) port = 3128 -> 127.0.0.1 port 3128 rdr on ng0 inet proto tcp from any to (ng0) port = 3128 -> 127.0.0.1 port 3128</vpns> -
Забавно… а скриншот nat port-forward пожалуйста
-
он у меня большой
http://cs.ms-home.ru/01.jpeg
http://cs.ms-home.ru/02.jpeg
http://cs.ms-home.ru/03.jpeg -
замени any на wan interface в Nat->port forwad
-
замени any на wan interface в Nat->port forwad
Заменить any на interface address?
Я заменил, снял галочку с Disable NAT Reflection.
Интерент появился. А вот локальные ресурсы нет. -
Интерент появился. А вот локальные ресурсы нет.
подробнее пожалуйста, как тестируем локальные ресурсы?
-
Захожу на комп, который находится в локальной сети. Проверяю инет, есть. Набираю сайт который находится на сервере 192.168.200.1.
(Но при наборе ping с этого же компа, который находится в локальной сети. Я получаю не ip 192.168.200.1, а прямой ip который я арендую.)
Сайт не виден… Он долго думает, а потом пишет: Невозможно отобразить страницу -
тогда ещё разок
скинь мнеpfctl -sr pfctl -snгалка убрана.
-
$ pfctl -sr scrub all random-id max-mss 1452 fragment reassemble anchor "ftpsesame/*" all anchor "firewallrules" all block drop quick proto tcp from any port = 0 to any block drop quick proto udp from any port = 0 to any block drop quick proto tcp from any to any port = 0 block drop quick proto udp from any to any port = 0 block drop quick from <snort2c> to any label "Block snort2c hosts" block drop quick from any to <snort2c> label "Block snort2c hosts" anchor "loopback" all pass in quick on lo0 all flags S/SA keep state label "pass loopback" pass out quick on lo0 all flags S/SA keep state label "pass loopback" anchor "packageearly" all anchor "carp" all pass quick inet proto icmp from 217.197.240.43 to any keep state pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19000 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19001 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19002 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19003 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19004 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19005 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19006 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19007 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19008 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19009 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19010 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19011 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19012 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19013 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19014 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19015 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19016 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19017 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19018 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19019 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19020 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19021 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19022 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19023 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19024 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19025 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19026 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19027 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19028 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19029 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19030 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19031 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19032 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19033 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19034 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19035 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19036 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19037 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19038 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19039 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19040 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19041 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19042 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19043 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19044 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19045 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19046 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19047 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19048 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19049 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19050 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19051 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19052 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19053 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19054 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19055 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19056 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19057 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19058 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19059 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19060 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19061 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19062 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19063 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19064 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19065 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19066 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19067 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19068 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19069 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19070 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19071 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19072 keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = 19073 flags S/SA keep state label "NAT REFLECT: Allow traffic to localhost" pass in quick on ste0 inet proto udp from any to 127.0.0.1 port = 19074 keep state label "NAT REFLECT: Allow traffic to localhost" anchor "dhcpserverlan" all pass in quick on ste0 inet proto udp from any port = bootpc to 255.255.255.255 port = bootps keep state label "allow access to DHCP server on LAN" pass in quick on ste0 inet proto udp from any port = bootpc to 192.168.200.254 port = bootps keep state label "allow access to DHCP server on LAN" pass out quick on ste0 inet proto udp from 192.168.200.254 port = bootps to any port = bootpc keep state label "allow access to DHCP server on LAN" block drop in log quick on nfe0 inet proto udp from any port = bootps to 192.168.200.0/24 port = bootpc label "block dhcp client out wan" block drop in log quick on ng0 inet proto udp from any port = bootps to 192.168.200.0/24 port = bootpc label "block dhcp client out wan" pass in quick on nfe0 proto udp from any port = bootps to any port = bootpc keep state label "allow dhcp client out wan" pass in quick on ng0 proto udp from any port = bootps to any port = bootpc keep state label "allow dhcp client out wan" block drop in on ! ste0 inet from 192.168.200.0/24 to any block drop in on ste0 inet6 from fe80::22cf:30ff:feb6:c1b1 to any block drop in inet from 192.168.200.254 to any anchor "spoofing" all anchor "limitingesr" all block drop in quick from <virusprot> to any label "virusprot overload table" pass out quick on ste0 proto icmp all keep state label "let out anything from firewall host itself" pass out quick on nfe0 proto icmp all keep state label "let out anything from firewall host itself" pass out quick on ng0 proto icmp all keep state label "let out anything from firewall host itself" pass out quick on ng0 all flags S/SA keep state allow-opts label "let out anything from firewall host itself" anchor "firewallout" all pass out quick on nfe0 all flags S/SA keep state allow-opts label "let out anything from firewall host itself" pass out quick on ng0 all flags S/SA keep state allow-opts label "let out anything from firewall host itself" pass out quick on ste0 all flags S/SA keep state allow-opts label "let out anything from firewall host itself" pass out quick on enc0 all flags S/SA keep state label "IPSEC internal host to host" pass out quick on ng0 proto icmp all keep state label "let out anything from firewall host itself" anchor "anti-lockout" all pass in quick on ste0 inet from any to 192.168.200.254 flags S/SA keep state label "anti-lockout web rule" block drop in log proto tcp from <sshlockout> to any port = ssh label "sshlockout" anchor "ftpproxy" all anchor "pftpx/*" all pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = http flags S/SA keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = http keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = http flags S/SA keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = http keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto icmp all keep state label "USER_RULE" pass in quick on ng0 inet proto icmp all keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27015 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27015 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27015 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27015 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27010 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27010 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27010 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27010 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27011 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27011 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27011 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27011 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27040 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27040 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27040 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27040 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27025 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27025 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27025 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27025 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = afs3-prserver flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = afs3-prserver keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = afs3-prserver flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = afs3-prserver keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 6003 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 6003 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 6003 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 6003 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27016 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27016 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27016 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27016 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27960 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27960 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27960 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27960 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27017 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27017 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27017 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27017 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27018 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27018 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27018 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27018 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27030 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27030 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27030 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27030 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27019 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27019 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27019 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27019 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27020 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27020 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27020 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27020 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27021 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27021 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27021 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27021 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27031 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27031 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27031 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27031 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27022 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27022 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27022 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27022 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 52001 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 52001 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 52001 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 52001 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27032 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27032 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27032 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27032 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27033 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27033 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27033 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27033 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27035 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27035 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27035 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27035 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27036 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27036 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27036 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27036 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27037 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27037 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27037 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27037 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27038 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27038 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27038 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27038 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27039 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27039 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27039 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27039 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27040 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27040 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27040 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27040 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27041 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27041 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27041 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27041 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27042 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27042 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27042 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27042 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27043 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27043 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27043 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27043 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27044 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27044 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27044 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27044 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27045 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27045 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27045 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27045 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27046 flags S/SA keep state label "USER_RULE" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27046 keep state label "USER_RULE" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27046 flags S/SA keep state label "USER_RULE" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27046 keep state label "USER_RULE" pass in quick on nfe0 inet proto tcp from 89.20.141.32 to 192.168.200.1 port = ssh flags S/SA keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto udp from 89.20.141.32 to 192.168.200.1 port = ssh keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto tcp from 89.20.141.32 to 192.168.200.1 port = ssh flags S/SA keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto udp from 89.20.141.32 to 192.168.200.1 port = ssh keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 10000 flags S/SA keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 10000 keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 10000 flags S/SA keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 10000 keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27047 flags S/SA keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27047 keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27047 flags S/SA keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27047 keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = 27048 flags S/SA keep state label "USER_RULE: NAT Virtual_Server_CS_27048" pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = 27048 keep state label "USER_RULE: NAT Virtual_Server_CS_27048" pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = 27048 flags S/SA keep state label "USER_RULE: NAT Virtual_Server_CS_27048" pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = 27048 keep state label "USER_RULE: NAT Virtual_Server_CS_27048" pass in quick on ste0 inet from 192.168.200.0/24 to any flags S/SA keep state label "USER_RULE: Default LAN -> any" pass in quick on ste0 inet proto tcp from 192.168.200.0/24 to 127.0.0.1 port 7999 >< 8031 flags S/SA keep state label "USER_RULE: FTP-LAN-INNET" pass in quick on ste0 inet proto udp from 192.168.200.0/24 to 127.0.0.1 port 7999 >< 8031 keep state label "USER_RULE: FTP-LAN-INNET" pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = ftp flags S/SA keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = ftp keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = ftp flags S/SA keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = ftp keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto tcp from any to 217.197.240.43 port = ftp flags S/SA keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto udp from any to 217.197.240.43 port = ftp keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto tcp from any to 217.197.240.43 port = ftp flags S/SA keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto udp from any to 217.197.240.43 port = ftp keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto tcp from any to 192.168.200.1 port = ftp-data flags S/SA keep state label "USER_RULE: NAT " pass in quick on nfe0 inet proto udp from any to 192.168.200.1 port = ftp-data keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto tcp from any to 192.168.200.1 port = ftp-data flags S/SA keep state label "USER_RULE: NAT " pass in quick on ng0 inet proto udp from any to 192.168.200.1 port = ftp-data keep state label "USER_RULE: NAT " pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = ftp-proxy flags S/SA keep state label "FTP PROXY: Allow traffic to localhost" pass in quick on ste0 inet proto tcp from any to 127.0.0.1 port = ftp flags S/SA keep state label "FTP PROXY: Allow traffic to localhost" pass in quick on ng0 inet proto tcp from any port = ftp-data to (ng0) port > 49000 flags S/SA keep state label "FTP PROXY: PASV mode data connection" pass in quick on ng0 inet proto tcp from any to (ng0) port > 49000 flags S/SA keep state label "FTP PROXY: RFC959 violation workaround" anchor "imspector" all anchor "miniupnpd" all block drop in log quick all label "Default block all just to be sure." block drop out log quick all label "Default block all just to be sure."</sshlockout></virusprot></snort2c></snort2c>$ pfctl -sn nat-anchor "pftpx/*" all nat-anchor "natearly/*" all nat-anchor "natrules/*" all nat on nfe0 inet from 192.168.200.0/24 port = isakmp to any port = isakmp -> (ng0) port 500 round-robin nat on ng0 inet from 192.168.200.0/24 port = isakmp to any port = isakmp -> (ng0) port 500 round-robin nat on nfe0 inet from 192.168.200.0/24 port = 5060 to any port = 5060 -> (ng0) port 5060 round-robin nat on ng0 inet from 192.168.200.0/24 port = 5060 to any port = 5060 -> (ng0) port 5060 round-robin nat on nfe0 inet from 192.168.200.0/24 to any -> (ng0) round-robin nat on ng0 inet from 192.168.200.0/24 to any -> (ng0) round-robin rdr-anchor "pftpx/*" all rdr-anchor "slb" all no rdr on ste0 proto tcp from any to <vpns> port = ftp rdr on ste0 inet proto tcp from any to any port = ftp -> 127.0.0.1 port 8021 rdr on ng0 inet proto tcp from any to 217.197.240.43 port = http -> 192.168.200.1 rdr on ng0 inet proto udp from any to 217.197.240.43 port = http -> 192.168.200.1 rdr on ste0 inet proto tcp from any to 217.197.240.43 port = http -> 127.0.0.1 port 19000 rdr on ste0 inet proto udp from any to 217.197.240.43 port = http -> 127.0.0.1 port 19001 rdr on ng0 inet proto tcp from any to any port = 27015 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27015 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27015 -> 127.0.0.1 port 19002 rdr on ste0 inet proto udp from any to any port = 27015 -> 127.0.0.1 port 19003 rdr on ng0 inet proto tcp from any to any port = 27010 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27010 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27010 -> 127.0.0.1 port 19004 rdr on ste0 inet proto udp from any to any port = 27010 -> 127.0.0.1 port 19005 rdr on ng0 inet proto tcp from any to any port = 27011 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27011 -> 127.0.0.1 port 19006 rdr on ng0 inet proto tcp from any to any port = 27040 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27040 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27040 -> 127.0.0.1 port 19007 rdr on ste0 inet proto udp from any to any port = 27040 -> 127.0.0.1 port 19008 rdr on ng0 inet proto tcp from any to any port = 27025 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27025 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27025 -> 127.0.0.1 port 19009 rdr on ste0 inet proto udp from any to any port = 27025 -> 127.0.0.1 port 19010 rdr on ng0 inet proto tcp from any to any port = afs3-prserver -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = afs3-prserver -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = afs3-prserver -> 127.0.0.1 port 19011 rdr on ste0 inet proto udp from any to any port = afs3-prserver -> 127.0.0.1 port 19012 rdr on ng0 inet proto tcp from any to any port = 6003 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 6003 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 6003 -> 127.0.0.1 port 19013 rdr on ste0 inet proto udp from any to any port = 6003 -> 127.0.0.1 port 19014 rdr on ng0 inet proto tcp from any to any port = 27016 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27016 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27016 -> 127.0.0.1 port 19015 rdr on ste0 inet proto udp from any to any port = 27016 -> 127.0.0.1 port 19016 rdr on ng0 inet proto tcp from any to 217.197.240.43 port = 27960 -> 192.168.200.1 rdr on ng0 inet proto udp from any to 217.197.240.43 port = 27960 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to 217.197.240.43 port = 27960 -> 127.0.0.1 port 19017 rdr on ste0 inet proto udp from any to 217.197.240.43 port = 27960 -> 127.0.0.1 port 19018 rdr on ng0 inet proto tcp from any to any port = 27017 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27017 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27017 -> 127.0.0.1 port 19019 rdr on ste0 inet proto udp from any to any port = 27017 -> 127.0.0.1 port 19020 rdr on ng0 inet proto tcp from any to any port = 27018 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27018 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27018 -> 127.0.0.1 port 19021 rdr on ste0 inet proto udp from any to any port = 27018 -> 127.0.0.1 port 19022 rdr on ng0 inet proto tcp from any to any port = 27019 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27019 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27019 -> 127.0.0.1 port 19023 rdr on ste0 inet proto udp from any to any port = 27019 -> 127.0.0.1 port 19024 rdr on ng0 inet proto tcp from any to any port = 27020 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27020 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27020 -> 127.0.0.1 port 19025 rdr on ste0 inet proto udp from any to any port = 27020 -> 127.0.0.1 port 19026 rdr on ng0 inet proto tcp from any to any port = 27030 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27030 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27030 -> 127.0.0.1 port 19027 rdr on ste0 inet proto udp from any to any port = 27030 -> 127.0.0.1 port 19028 rdr on ng0 inet proto tcp from any to any port = 27021 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27021 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27021 -> 127.0.0.1 port 19029 rdr on ste0 inet proto udp from any to any port = 27021 -> 127.0.0.1 port 19030 rdr on ng0 inet proto tcp from any to any port = 27031 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27031 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27031 -> 127.0.0.1 port 19031 rdr on ste0 inet proto udp from any to any port = 27031 -> 127.0.0.1 port 19032 rdr on ng0 inet proto tcp from any to any port = 27022 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27022 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27022 -> 127.0.0.1 port 19033 rdr on ste0 inet proto udp from any to any port = 27022 -> 127.0.0.1 port 19034 rdr on ng0 inet proto tcp from any to any port = 52001 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 52001 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 52001 -> 127.0.0.1 port 19035 rdr on ste0 inet proto udp from any to any port = 52001 -> 127.0.0.1 port 19036 rdr on ng0 inet proto tcp from any to any port = 27032 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27032 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27032 -> 127.0.0.1 port 19037 rdr on ste0 inet proto udp from any to any port = 27032 -> 127.0.0.1 port 19038 rdr on ng0 inet proto tcp from any to any port = 27033 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27033 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27033 -> 127.0.0.1 port 19039 rdr on ste0 inet proto udp from any to any port = 27033 -> 127.0.0.1 port 19040 rdr on ng0 inet proto tcp from any to any port = 27035 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27035 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27035 -> 127.0.0.1 port 19041 rdr on ste0 inet proto udp from any to any port = 27035 -> 127.0.0.1 port 19042 rdr on ng0 inet proto tcp from any to any port = 27036 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27036 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27036 -> 127.0.0.1 port 19043 rdr on ste0 inet proto udp from any to any port = 27036 -> 127.0.0.1 port 19044 rdr on ng0 inet proto tcp from any to any port = 27037 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27037 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27037 -> 127.0.0.1 port 19045 rdr on ste0 inet proto udp from any to any port = 27037 -> 127.0.0.1 port 19046 rdr on ng0 inet proto tcp from any to any port = 27038 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27038 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27038 -> 127.0.0.1 port 19047 rdr on ste0 inet proto udp from any to any port = 27038 -> 127.0.0.1 port 19048 rdr on ng0 inet proto tcp from any to any port = 27039 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27039 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27039 -> 127.0.0.1 port 19049 rdr on ste0 inet proto udp from any to any port = 27039 -> 127.0.0.1 port 19050 rdr on ng0 inet proto tcp from any to any port = 27041 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27041 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27041 -> 127.0.0.1 port 19051 rdr on ste0 inet proto udp from any to any port = 27041 -> 127.0.0.1 port 19052 rdr on ng0 inet proto tcp from any to any port = 27042 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27042 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27042 -> 127.0.0.1 port 19053 rdr on ste0 inet proto udp from any to any port = 27042 -> 127.0.0.1 port 19054 rdr on ng0 inet proto tcp from any to any port = 27043 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27043 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27043 -> 127.0.0.1 port 19055 rdr on ste0 inet proto udp from any to any port = 27043 -> 127.0.0.1 port 19056 rdr on ng0 inet proto tcp from any to any port = 27044 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27044 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27044 -> 127.0.0.1 port 19057 rdr on ste0 inet proto udp from any to any port = 27044 -> 127.0.0.1 port 19058 rdr on ng0 inet proto tcp from any to any port = 27045 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27045 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27045 -> 127.0.0.1 port 19059 rdr on ste0 inet proto udp from any to any port = 27045 -> 127.0.0.1 port 19060 rdr on ng0 inet proto tcp from any to any port = 27046 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27046 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27046 -> 127.0.0.1 port 19061 rdr on ste0 inet proto udp from any to any port = 27046 -> 127.0.0.1 port 19062 rdr on ng0 inet proto tcp from any to any port = 27047 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27047 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27047 -> 127.0.0.1 port 19063 rdr on ste0 inet proto udp from any to any port = 27047 -> 127.0.0.1 port 19064 rdr on ng0 inet proto tcp from any to any port = 27048 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 27048 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 27048 -> 127.0.0.1 port 19065 rdr on ste0 inet proto udp from any to any port = 27048 -> 127.0.0.1 port 19066 rdr on ng0 inet proto tcp from any to any port = ssh -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = ssh -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = ssh -> 127.0.0.1 port 19067 rdr on ste0 inet proto udp from any to any port = ssh -> 127.0.0.1 port 19068 rdr on ng0 inet proto tcp from any to any port = 10000 -> 192.168.200.1 rdr on ng0 inet proto udp from any to any port = 10000 -> 192.168.200.1 rdr on ste0 inet proto tcp from any to any port = 10000 -> 127.0.0.1 port 19069 rdr on ste0 inet proto udp from any to any port = 10000 -> 127.0.0.1 port 19070 rdr on ng0 inet proto tcp from any to 217.197.240.43 port = ftp-data -> 192.168.200.1 rdr on ng0 inet proto udp from any to 217.197.240.43 port = ftp-data -> 192.168.200.1 rdr on ste0 inet proto tcp from any to 217.197.240.43 port = ftp-data -> 127.0.0.1 port 19071 rdr on ste0 inet proto udp from any to 217.197.240.43 port = ftp-data -> 127.0.0.1 port 19072 rdr-anchor "imspector" all rdr-anchor "miniupnpd" all rdr on ste0 inet proto tcp from any to (ste0) port = 3128 -> 127.0.0.1 port 3128 rdr on ng0 inet proto tcp from any to (ng0) port = 3128 -> 127.0.0.1 port 3128</vpns> -
странно, должно вроде работать.
придётся тисипидампитьtcpdump -ni ste0 host 192.168.20.xx возьми из ip компьютера, с которого тестируешь.
-
05 IP 192.168.200.105.35075 > 192.168.200.254.443: F 4885:4885(0) ack 18709 win 849 <nop,nop,timestamp 9127872="" 1815776298=""> 23:18:02.471957 IP 192.168.200.254.443 > 192.168.200.105.35075: . ack 4886 win 4140 <nop,nop,timestamp 9127872="" 1815777917=""> 23:18:02.472101 IP 192.168.200.254.443 > 192.168.200.105.35075: P 18709:18746(37) ack 4886 win 4140 <nop,nop,timestamp 9127872="" 1815777917=""> 23:18:02.472139 IP 192.168.200.254.443 > 192.168.200.105.35075: F 18746:18746(0) ack 4886 win 4140 <nop,nop,timestamp 9127872="" 1815777917=""> 23:18:02.472876 IP 192.168.200.105.35077 > 192.168.200.254.443: S 433524396:433524396(0) win 5840 <mss 6="" 9127872="" 1460,sackok,timestamp="" 0,nop,wscale=""> 23:18:02.472976 IP 192.168.200.254.443 > 192.168.200.105.35077: S 201885656:201885656(0) ack 433524397 win 65228 <mss 9127872="" 546556651="" 1452,nop,wscale="" 4,sackok,timestamp=""> 23:18:02.473875 IP 192.168.200.105.35075 > 192.168.200.254.443: R 211861402:211861402(0) win 0 23:18:02.473910 IP 192.168.200.105.35075 > 192.168.200.254.443: R 211861402:211861402(0) win 0 23:18:02.474929 IP 192.168.200.105.35077 > 192.168.200.254.443: . ack 1 win 92 <nop,nop,timestamp 9127873="" 546556651=""> 23:18:02.477874 IP 192.168.200.105.35077 > 192.168.200.254.443: P 1:151(150) ack 1 win 92 <nop,nop,timestamp 9127873="" 546556651=""> 23:18:02.477911 IP 192.168.200.254.443 > 192.168.200.105.35077: . ack 151 win 4130 <nop,nop,timestamp 9127873="" 546556656=""> 23:18:02.478200 IP 192.168.200.254.443 > 192.168.200.105.35077: P 1:139(138) ack 151 win 4140 <nop,nop,timestamp 9127873="" 546556656=""> 23:18:02.479874 IP 192.168.200.105.35077 > 192.168.200.254.443: . ack 139 win 108 <nop,nop,timestamp 9127874="" 546556656=""> 23:18:02.480908 IP 192.168.200.105.35077 > 192.168.200.254.443: P 151:157(6) ack 139 win 108 <nop,nop,timestamp 9127874="" 546556656=""> 23:18:02.480930 IP 192.168.200.254.443 > 192.168.200.105.35077: . ack 157 win 4139 <nop,nop,timestamp 9127874="" 546556659=""> 23:18:02.483017 IP 192.168.200.105.35077 > 192.168.200.254.443: P 157:210(53) ack 139 win 108 <nop,nop,timestamp 9127875="" 546556659=""> 23:18:02.483039 IP 192.168.200.254.443 > 192.168.200.105.35077: . ack 210 win 4136 <nop,nop,timestamp 9127875="" 546556661=""> 23:18:02.487892 IP 192.168.200.105.35077 > 192.168.200.254.443: P 210:983(773) ack 139 win 108 <nop,nop,timestamp 9127876="" 546556661=""> 23:18:02.487929 IP 192.168.200.254.443 > 192.168.200.105.35077: . ack 983 win 4091 <nop,nop,timestamp 9127876="" 546556666=""> 23:18:02.503686 IP 192.168.200.254.443 > 192.168.200.105.35077: P 139:517(378) ack 983 win 4140 <nop,nop,timestamp 9127876="" 546556681=""> 23:18:02.511874 IP 192.168.200.105.35076 > 192.168.200.254.443: P 2966:3611(645) ack 3089 win 259 <nop,nop,timestamp 9127882="" 4115385897=""> 23:18:02.511919 IP 192.168.200.254.443 > 192.168.200.105.35076: . ack 3611 win 4099 <nop,nop,timestamp 9127882="" 4115386523=""> 23:18:02.531391 IP 192.168.200.254.443 > 192.168.200.105.35076: P 3089:3291(202) ack 3611 win 4140 <nop,nop,timestamp 9127882="" 4115386542=""> 23:18:02.532922 IP 192.168.200.105.35076 > 192.168.200.254.443: . ack 3291 win 276 <nop,nop,timestamp 9127887="" 4115386542=""> 23:18:02.532985 IP 192.168.200.254.443 > 192.168.200.105.35076: P 3291:3545(254) ack 3611 win 4140 <nop,nop,timestamp 9127887="" 4115386544=""> 23:18:02.534061 IP 192.168.200.105.35076 > 192.168.200.254.443: . ack 3545 win 293 <nop,nop,timestamp 9127888="" 4115386544=""> 23:18:02.534102 IP 192.168.200.254.443 > 192.168.200.105.35076: P 3545:3619(74) ack 3611 win 4140 <nop,nop,timestamp 9127888="" 4115386545=""> 23:18:02.535890 IP 192.168.200.105.35076 > 192.168.200.254.443: . ack 3619 win 293 <nop,nop,timestamp 9127888="" 4115386545=""> 23:18:02.541906 IP 192.168.200.105.35077 > 192.168.200.254.443: . ack 517 win 125 <nop,nop,timestamp 9127890="" 546556681=""> 23:18:02.541942 IP 192.168.200.254.443 > 192.168.200.105.35077: P 517:739(222) ack 983 win 4140 <nop,nop,timestamp 9127890="" 546556720=""> 23:18:02.543874 IP 192.168.200.105.35077 > 192.168.200.254.443: . ack 739 win 142 <nop,nop,timestamp 9127890="" 546556720=""> 23:18:02.820345 IP 192.168.200.254.443 > 192.168.200.105.35068: P 786133:786207(74) ack 0 win 4140 <nop,nop,timestamp 9127711="" 4240374817=""> 23:18:02.821070 IP 192.168.200.254.443 > 192.168.200.105.35068: . 786207:787647(1440) ack 0 win 4140 <nop,nop,timestamp 9127711="" 4240374818=""> 23:18:02.821693 IP 192.168.200.254.443 > 192.168.200.105.35068: . 787647:789087(1440) ack 0 win 4140 <nop,nop,timestamp 9127711="" 4240374818=""> 23:18:02.822032 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 786207 win 1435 <nop,nop,timestamp 9127959="" 4240374817=""> 23:18:02.822219 IP 192.168.200.254.443 > 192.168.200.105.35068: . 789087:790527(1440) ack 0 win 4140 <nop,nop,timestamp 9127959="" 4240374819=""> 23:18:02.822495 IP 192.168.200.254.443 > 192.168.200.105.35068: . 790527:791967(1440) ack 0 win 4140 <nop,nop,timestamp 9127959="" 4240374819=""> 23:18:02.822753 IP 192.168.200.254.443 > 192.168.200.105.35068: . 791967:793407(1440) ack 0 win 4140 <nop,nop,timestamp 9127959="" 4240374819=""> 23:18:02.822913 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 787647 win 1435 <nop,nop,timestamp 9127960="" 4240374818=""> 23:18:02.823220 IP 192.168.200.254.443 > 192.168.200.105.35068: . 793407:794847(1440) ack 0 win 4140 <nop,nop,timestamp 9127960="" 4240374820=""> 23:18:02.824055 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 789087 win 1435 <nop,nop,timestamp 9127960="" 4240374818=""> 23:18:02.824082 IP 192.168.200.254.443 > 192.168.200.105.35068: . 794847:796287(1440) ack 0 win 4140 <nop,nop,timestamp 9127960="" 4240374821=""> 23:18:02.824088 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 790527 win 1413 <nop,nop,timestamp 9127960="" 4240374819=""> 23:18:02.824909 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 791967 win 1435 <nop,nop,timestamp 9127960="" 4240374819=""> 23:18:02.826905 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 793407 win 1413 <nop,nop,timestamp 9127960="" 4240374819=""> 23:18:02.826924 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 794847 win 1391 <nop,nop,timestamp 9127960="" 4240374820=""> 23:18:02.826941 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 796287 win 1369 <nop,nop,timestamp 9127961="" 4240374821=""> 23:18:02.826964 IP 192.168.200.254.443 > 192.168.200.105.35068: P 796287:797239(952) ack 0 win 4140 <nop,nop,timestamp 9127961="" 4240374824=""> 23:18:02.828874 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 797239 win 1435 <nop,nop,timestamp 9127961="" 4240374824=""> 23:18:02.916273 IP 192.168.200.254.443 > 192.168.200.105.35072: P 8941:9319(378) ack 10157 win 4140 <nop,nop,timestamp 9127727="" 2452254241=""> 23:18:02.917885 IP 192.168.200.105.35072 > 192.168.200.254.443: . ack 9319 win 594 <nop,nop,timestamp 9127983="" 2452254241=""> 23:18:02.917979 IP 192.168.200.254.443 > 192.168.200.105.35072: P 9319:9541(222) ack 10157 win 4140 <nop,nop,timestamp 9127983="" 2452254243=""> 23:18:02.919875 IP 192.168.200.105.35072 > 192.168.200.254.443: . ack 9541 win 611 <nop,nop,timestamp 9127984="" 2452254243=""> 23:18:02.919924 IP 192.168.200.254.443 > 192.168.200.105.35072: P 9541:9615(74) ack 10157 win 4140 <nop,nop,timestamp 9127984="" 2452254245=""> 23:18:02.921004 IP 192.168.200.105.35072 > 192.168.200.254.443: . ack 9615 win 611 <nop,nop,timestamp 9127984="" 2452254245=""> 23:18:02.925910 IP 192.168.200.105.35072 > 192.168.200.254.443: P 10157:10818(661) ack 9615 win 611 <nop,nop,timestamp 9127985="" 2452254245=""> 23:18:02.925934 IP 192.168.200.254.443 > 192.168.200.105.35072: . ack 10818 win 4098 <nop,nop,timestamp 9127985="" 2452254251=""> 23:18:03.319903 IP 192.168.200.105.42907 > 91.203.96.252.443: S 444611511:444611511(0) win 5840 <mss 6="" 9128084="" 1460,sackok,timestamp="" 0,nop,wscale=""> 23:18:03.358999 IP 91.203.96.252.443 > 192.168.200.105.42907: S 2441822829:2441822829(0) ack 444611512 win 5792 <mss 7="" 1842063049="" 1452,sackok,timestamp="" 9128084,nop,wscale=""> 23:18:03.360893 IP 192.168.200.105.42907 > 91.203.96.252.443: . ack 1 win 92 <nop,nop,timestamp 9128094="" 1842063049=""> 23:18:03.363016 IP 192.168.200.105.42907 > 91.203.96.252.443: P 1:181(180) ack 1 win 92 <nop,nop,timestamp 9128095="" 1842063049=""> 23:18:03.402942 IP 91.203.96.252.443 > 192.168.200.105.42907: . ack 181 win 54 <nop,nop,timestamp 9128095="" 1842063060=""> 23:18:03.407974 IP 91.203.96.252.443 > 192.168.200.105.42907: P 1:139(138) ack 181 win 54 <nop,nop,timestamp 9128095="" 1842063061=""> 23:18:03.412890 IP 192.168.200.105.42907 > 91.203.96.252.443: . ack 139 win 108 <nop,nop,timestamp 9128106="" 1842063061=""> 23:18:03.413887 IP 192.168.200.105.42907 > 91.203.96.252.443: P 181:187(6) ack 139 win 108 <nop,nop,timestamp 9128107="" 1842063061=""> 23:18:03.493971 IP 91.203.96.252.443 > 192.168.200.105.42907: . ack 187 win 54 <nop,nop,timestamp 9128107="" 1842063083=""> 23:18:03.495874 IP 192.168.200.105.42907 > 91.203.96.252.443: P 187:1557(1370) ack 139 win 108 <nop,nop,timestamp 9128128="" 1842063083=""> 23:18:03.533436 IP 192.168.200.254.443 > 192.168.200.105.35077: P 739:813(74) ack 983 win 4140 <nop,nop,timestamp 9127890="" 546557711=""> 23:18:03.534992 IP 192.168.200.105.35077 > 192.168.200.254.443: . ack 813 win 142 <nop,nop,timestamp 9128138="" 546557711=""> 23:18:03.535054 IP 192.168.200.254.443 > 192.168.200.105.35077: P 813:993(180) ack 983 win 4140 <nop,nop,timestamp 9128138="" 546557713=""> 23:18:03.536877 IP 192.168.200.105.35077 > 192.168.200.254.443: . ack 993 win 159 <nop,nop,timestamp 9128138="" 546557713=""> 23:18:03.536935 IP 192.168.200.254.443 > 192.168.200.105.35077: P 993:1067(74) ack 983 win 4140 <nop,nop,timestamp 9128138="" 546557715=""> 23:18:03.537006 IP 91.203.96.252.443 > 192.168.200.105.42907: . ack 1557 win 77 <nop,nop,timestamp 9128128="" 1842063093=""> 23:18:03.538875 IP 192.168.200.105.35077 > 192.168.200.254.443: . ack 1067 win 159 <nop,nop,timestamp 9128139="" 546557715=""> 23:18:03.820324 IP 192.168.200.254.443 > 192.168.200.105.35068: P 797239:797313(74) ack 0 win 4140 <nop,nop,timestamp 9127961="" 4240375817=""> 23:18:03.821204 IP 192.168.200.254.443 > 192.168.200.105.35068: . 797313:798753(1440) ack 0 win 4140 <nop,nop,timestamp 9127961="" 4240375818=""> 23:18:03.821968 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 797313 win 1435 <nop,nop,timestamp 9128209="" 4240375817=""> 23:18:03.822427 IP 192.168.200.254.443 > 192.168.200.105.35068: . 798753:800193(1440) ack 0 win 4140 <nop,nop,timestamp 9128209="" 4240375819=""> 23:18:03.822682 IP 192.168.200.254.443 > 192.168.200.105.35068: . 800193:801633(1440) ack 0 win 4140 <nop,nop,timestamp 9128209="" 4240375819=""> 23:18:03.823044 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 798753 win 1413 <nop,nop,timestamp 9128210="" 4240375818=""> 23:18:03.823166 IP 192.168.200.254.443 > 192.168.200.105.35068: . 801633:803073(1440) ack 0 win 4140 <nop,nop,timestamp 9128210="" 4240375820=""> 23:18:03.823421 IP 192.168.200.254.443 > 192.168.200.105.35068: . 803073:804513(1440) ack 0 win 4140 <nop,nop,timestamp 9128210="" 4240375820=""> 23:18:03.823676 IP 192.168.200.254.443 > 192.168.200.105.35068: . 804513:805953(1440) ack 0 win 4140 <nop,nop,timestamp 9128210="" 4240375820=""> 23:18:03.825894 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 800193 win 1391 <nop,nop,timestamp 9128210="" 4240375819=""> 23:18:03.825930 IP 192.168.200.254.443 > 192.168.200.105.35068: . 805953:807393(1440) ack 0 win 4140 <nop,nop,timestamp 9128210="" 4240375823=""> 23:18:03.825937 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 801633 win 1369 <nop,nop,timestamp 9128210="" 4240375819=""> 23:18:03.825958 IP 192.168.200.254.443 > 192.168.200.105.35068: . 807393:808833(1440) ack 0 win 4140 <nop,nop,timestamp 9128210="" 4240375823=""> 23:18:03.825984 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 803073 win 1347 <nop,nop,timestamp 9128210="" 4240375820=""> 23:18:03.826013 IP 192.168.200.254.443 > 192.168.200.105.35068: . 808833:810273(1440) ack 0 win 4140 <nop,nop,timestamp 9128210="" 4240375823=""> 23:18:03.827875 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 804513 win 1325 <nop,nop,timestamp 9128210="" 4240375820=""> 23:18:03.827905 IP 192.168.200.254.443 > 192.168.200.105.35068: . 810273:811713(1440) ack 0 win 4140 <nop,nop,timestamp 9128210="" 4240375825=""> 23:18:03.827912 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 805953 win 1303 <nop,nop,timestamp 9128210="" 4240375820=""> 23:18:03.827936 IP 192.168.200.254.443 > 192.168.200.105.35068: . 811713:813153(1440) ack 0 win 4140 <nop,nop,timestamp 9128210="" 4240375825=""> 23:18:03.827947 IP 192.168.200.254.443 > 192.168.200.105.35068: . 813153:814593(1440) ack 0 win 4140 <nop,nop,timestamp 9128210="" 4240375825=""> 23:18:03.829873 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 807393 win 1281 <nop,nop,timestamp 9128211="" 4240375823=""> 23:18:03.829903 IP 192.168.200.254.443 > 192.168.200.105.35068: . 814593:816033(1440) ack 0 win 4140 <nop,nop,timestamp 9128211="" 4240375827=""> 23:18:03.837993 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 816033 win 1146 <nop,nop,timestamp 9128214="" 4240375823=""> 23:18:03.838041 IP 192.168.200.254.443 > 192.168.200.105.35068: . 816033:817473(1440) ack 0 win 4140 <nop,nop,timestamp 9128214="" 4240375835=""> 23:18:03.838052 IP 192.168.200.254.443 > 192.168.200.105.35068: . 817473:818913(1440) ack 0 win 4140 <nop,nop,timestamp 9128214="" 4240375835=""> 23:18:03.838067 IP 192.168.200.254.443 > 192.168.200.105.35068: P 818913:819769(856) ack 0 win 4140 <nop,nop,timestamp 9128214="" 4240375835=""> 23:18:03.840875 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 818913 win 1334 <nop,nop,timestamp 9128214="" 4240375835=""> 23:18:03.877875 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 819769 win 1321 <nop,nop,timestamp 9128224="" 4240375835=""> 23:18:03.950188 IP 192.168.200.254.443 > 192.168.200.105.35072: P 9615:9993(378) ack 10818 win 4140 <nop,nop,timestamp 9127985="" 2452255275=""> 23:18:03.989887 IP 192.168.200.105.35072 > 192.168.200.254.443: . ack 9993 win 628 <nop,nop,timestamp 9128252="" 2452255275=""> 23:18:03.989938 IP 192.168.200.254.443 > 192.168.200.105.35072: P 9993:10289(296) ack 10818 win 4140 <nop,nop,timestamp 9128252="" 2452255315=""> 23:18:03.991924 IP 192.168.200.105.35072 > 192.168.200.254.443: . ack 10289 win 644 <nop,nop,timestamp 9128252="" 2452255315=""> 23:18:04.091889 IP 192.168.200.105.35077 > 192.168.200.254.443: P 983:1644(661) ack 1067 win 159 <nop,nop,timestamp 9128277="" 546557715=""> 23:18:04.091934 IP 192.168.200.254.443 > 192.168.200.105.35077: . ack 1644 win 4098 <nop,nop,timestamp 9128277="" 546558270=""> 23:18:04.096086 IP 91.203.96.252.443 > 192.168.200.105.42907: P 139:528(389) ack 1557 win 77 <nop,nop,timestamp 9128128="" 1842063233=""> 23:18:04.096116 IP 91.203.96.252.443 > 192.168.200.105.42907: P 528:725(197) ack 1557 win 77 <nop,nop,timestamp 9128128="" 1842063233=""> 23:18:04.096201 IP 91.203.96.252.443 > 192.168.200.105.42907: F 725:725(0) ack 1557 win 77 <nop,nop,timestamp 9128128="" 1842063233=""> 23:18:04.097894 IP 192.168.200.105.42907 > 91.203.96.252.443: . ack 725 win 142 <nop,nop,timestamp 9128278="" 1842063233=""> 23:18:04.133874 IP 192.168.200.105.42907 > 91.203.96.252.443: . ack 726 win 142 <nop,nop,timestamp 9128288="" 1842063233=""> 23:18:04.136888 IP 192.168.200.105.42907 > 91.203.96.252.443: F 1557:1557(0) ack 726 win 142 <nop,nop,timestamp 9128288="" 1842063233=""> 23:18:04.175900 IP 91.203.96.252.443 > 192.168.200.105.42907: . ack 1558 win 77 <nop,nop,timestamp 9128288="" 1842063253=""> 23:18:04.820326 IP 192.168.200.254.443 > 192.168.200.105.35068: P 819769:819843(74) ack 0 win 4140 <nop,nop,timestamp 9128224="" 4240376817=""> 23:18:04.820849 IP 192.168.200.254.443 > 192.168.200.105.35068: . 819843:821283(1440) ack 0 win 4140 <nop,nop,timestamp 9128224="" 4240376817=""> 23:18:04.821501 IP 192.168.200.254.443 > 192.168.200.105.35068: . 821283:822723(1440) ack 0 win 4140 <nop,nop,timestamp 9128224="" 4240376818=""> 23:18:04.821897 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 819843 win 1435 <nop,nop,timestamp 9128459="" 4240376817=""> 23:18:04.822021 IP 192.168.200.254.443 > 192.168.200.105.35068: . 822723:824163(1440) ack 0 win 4140 <nop,nop,timestamp 9128459="" 4240376819=""> 23:18:04.822404 IP 192.168.200.254.443 > 192.168.200.105.35068: P 824163:825603(1440) ack 0 win 4140 <nop,nop,timestamp 9128459="" 4240376819=""> 23:18:04.822828 IP 192.168.200.254.443 > 192.168.200.105.35068: . 825603:827043(1440) ack 0 win 4140 <nop,nop,timestamp 9128459="" 4240376819=""> 23:18:04.822950 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 821283 win 1435 <nop,nop,timestamp 9128460="" 4240376817=""> 23:18:04.823460 IP 192.168.200.254.443 > 192.168.200.105.35068: . 827043:828483(1440) ack 0 win 4140 <nop,nop,timestamp 9128460="" 4240376820=""> 23:18:04.824899 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 822723 win 1413 <nop,nop,timestamp 9128460="" 4240376818=""> 23:18:04.824933 IP 192.168.200.254.443 > 192.168.200.105.35068: . 828483:829923(1440) ack 0 win 4140 <nop,nop,timestamp 9128460="" 4240376822=""> 23:18:04.824939 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 824163 win 1391 <nop,nop,timestamp 9128460="" 4240376819=""> 23:18:04.824954 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 825603 win 1369 <nop,nop,timestamp 9128460="" 4240376819=""> 23:18:04.825873 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 827043 win 1347 <nop,nop,timestamp 9128460="" 4240376819=""> 23:18:04.825889 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 828483 win 1325 <nop,nop,timestamp 9128460="" 4240376820=""> 23:18:04.826874 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 829923 win 1303 <nop,nop,timestamp 9128461="" 4240376822=""> 23:18:04.826896 IP 192.168.200.254.443 > 192.168.200.105.35068: P 829923:830907(984) ack 0 win 4140 <nop,nop,timestamp 9128461="" 4240376824=""> 23:18:04.828899 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 830907 win 1288 <nop,nop,timestamp 9128461="" 4240376824=""> 23:18:05.116291 IP 192.168.200.254.443 > 192.168.200.105.35077: P 1067:1445(378) ack 1644 win 4140 <nop,nop,timestamp 9128277="" 546559294=""> 23:18:05.117973 IP 192.168.200.105.35077 > 192.168.200.254.443: . ack 1445 win 175 <nop,nop,timestamp 9128533="" 546559294=""> 23:18:05.118045 IP 192.168.200.254.443 > 192.168.200.105.35077: P 1445:1667(222) ack 1644 win 4140 <nop,nop,timestamp 9128533="" 546559296=""> 23:18:05.119056 IP 192.168.200.105.35077 > 192.168.200.254.443: . ack 1667 win 192 <nop,nop,timestamp 9128534="" 546559296=""> 23:18:05.119097 IP 192.168.200.254.443 > 192.168.200.105.35077: P 1667:1741(74) ack 1644 win 4140 <nop,nop,timestamp 9128534="" 546559297=""> 23:18:05.120875 IP 192.168.200.105.35077 > 192.168.200.254.443: . ack 1741 win 192 <nop,nop,timestamp 9128534="" 546559297=""> 23:18:05.122874 IP 192.168.200.105.35076 > 192.168.200.254.443: P 3611:4272(661) ack 3619 win 293 <nop,nop,timestamp 9128535="" 4115386545=""> 23:18:05.122899 IP 192.168.200.254.443 > 192.168.200.105.35076: . ack 4272 win 4098 <nop,nop,timestamp 9128535="" 4115389134=""> 23:18:05.538903 IP 192.168.200.105.35072 > 192.168.200.254.443: P 10818:11463(645) ack 10289 win 644 <nop,nop,timestamp 9128638="" 2452255315=""> 23:18:05.538950 IP 192.168.200.254.443 > 192.168.200.105.35072: . ack 11463 win 4099 <nop,nop,timestamp 9128638="" 2452256864=""> 23:18:05.558521 IP 192.168.200.254.443 > 192.168.200.105.35072: P 10289:10507(218) ack 11463 win 4140 <nop,nop,timestamp 9128638="" 2452256883=""> 23:18:05.560081 IP 192.168.200.105.35072 > 192.168.200.254.443: . ack 10507 win 661 <nop,nop,timestamp 9128644="" 2452256883=""> 23:18:05.560141 IP 192.168.200.254.443 > 192.168.200.105.35072: P 10507:10761(254) ack 11463 win 4140 <nop,nop,timestamp 9128644="" 2452256885=""> 23:18:05.561134 IP 192.168.200.254.443 > 192.168.200.105.35072: FP 10761:10872(111) ack 11463 win 4140 <nop,nop,timestamp 9128644="" 2452256886=""> 23:18:05.563894 IP 192.168.200.105.35072 > 192.168.200.254.443: . ack 10761 win 678 <nop,nop,timestamp 9128645="" 2452256885=""> 23:18:05.564903 IP 192.168.200.105.35072 > 192.168.200.254.443: P 11463:11500(37) ack 10873 win 678 <nop,nop,timestamp 9128645="" 2452256886=""> 23:18:05.564946 IP 192.168.200.254.443 > 192.168.200.105.35072: R 2591590999:2591590999(0) win 0 23:18:05.564951 IP 192.168.200.105.35072 > 192.168.200.254.443: F 11500:11500(0) ack 10873 win 678 <nop,nop,timestamp 9128645="" 2452256886=""> 23:18:05.564969 IP 192.168.200.254.443 > 192.168.200.105.35072: R 2591590999:2591590999(0) win 0 23:18:05.820228 IP 192.168.200.254.443 > 192.168.200.105.35068: P 830907:830981(74) ack 0 win 4140 <nop,nop,timestamp 9128461="" 4240377817=""> 23:18:05.820764 IP 192.168.200.254.443 > 192.168.200.105.35068: . 830981:832421(1440) ack 0 win 4140 <nop,nop,timestamp 9128461="" 4240377817=""> 23:18:05.821401 IP 192.168.200.254.443 > 192.168.200.105.35068: P 832421:833861(1440) ack 0 win 4140 <nop,nop,timestamp 9128461="" 4240377818=""> 23:18:05.821820 IP 192.168.200.254.443 > 192.168.200.105.35068: . 833861:835301(1440) ack 0 win 4140 <nop,nop,timestamp 9128461="" 4240377818=""> 23:18:05.821919 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 830981 win 1435 <nop,nop,timestamp 9128709="" 4240377817=""> 23:18:05.822376 IP 192.168.200.254.443 > 192.168.200.105.35068: . 835301:836741(1440) ack 0 win 4140 <nop,nop,timestamp 9128709="" 4240377819=""> 23:18:05.822776 IP 192.168.200.254.443 > 192.168.200.105.35068: . 836741:838181(1440) ack 0 win 4140 <nop,nop,timestamp 9128709="" 4240377819=""> 23:18:05.822947 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 832421 win 1435 <nop,nop,timestamp 9128710="" 4240377817=""> 23:18:05.823509 IP 192.168.200.254.443 > 192.168.200.105.35068: . 838181:839621(1440) ack 0 win 4140 <nop,nop,timestamp 9128710="" 4240377820=""> 23:18:05.823895 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 833861 win 1435 <nop,nop,timestamp 9128710="" 4240377818=""> 23:18:05.823918 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 835301 win 1413 <nop,nop,timestamp 9128710="" 4240377818=""> 23:18:05.824054 IP 192.168.200.254.443 > 192.168.200.105.35068: . 839621:841061(1440) ack 0 win 4140 <nop,nop,timestamp 9128710="" 4240377821=""> 23:18:05.824876 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 836741 win 1391 <nop,nop,timestamp 9128710="" 4240377819=""> 23:18:05.825898 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 838181 win 1369 <nop,nop,timestamp 9128710="" 4240377819=""> 23:18:05.825918 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 839621 win 1347 <nop,nop,timestamp 9128710="" 4240377820=""> 23:18:05.826887 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 841061 win 1435 <nop,nop,timestamp 9128710="" 4240377821=""> 23:18:05.826915 IP 192.168.200.254.443 > 192.168.200.105.35068: P 841061:842029(968) ack 0 win 4140 <nop,nop,timestamp 9128710="" 4240377824=""> 23:18:05.828874 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 842029 win 1420 <nop,nop,timestamp 9128711="" 4240377824=""> 23:18:06.118892 IP 192.168.200.105.46667 > 64.12.28.222.443: P 6:12(6) ack 1 win 47600 23:18:06.147124 IP 192.168.200.254.443 > 192.168.200.105.35076: P 3619:3997(378) ack 4272 win 4140 <nop,nop,timestamp 9128535="" 4115390158=""> 23:18:06.148883 IP 192.168.200.105.35076 > 192.168.200.254.443: . ack 3997 win 309 <nop,nop,timestamp 9128791="" 4115390158=""> 23:18:06.148952 IP 192.168.200.254.443 > 192.168.200.105.35076: P 3997:4219(222) ack 4272 win 4140 <nop,nop,timestamp 9128791="" 4115390160=""> 23:18:06.150074 IP 192.168.200.105.35076 > 192.168.200.254.443: . ack 4219 win 326 <nop,nop,timestamp 9128792="" 4115390160=""> 23:18:06.150115 IP 192.168.200.254.443 > 192.168.200.105.35076: P 4219:4293(74) ack 4272 win 4140 <nop,nop,timestamp 9128792="" 4115390161=""> 23:18:06.151899 IP 192.168.200.105.35076 > 192.168.200.254.443: . ack 4293 win 326 <nop,nop,timestamp 9128792="" 4115390161=""> 23:18:06.155941 IP 192.168.200.105.35077 > 192.168.200.254.443: P 1644:2305(661) ack 1741 win 192 <nop,nop,timestamp 9128793="" 546559297=""> 23:18:06.155977 IP 192.168.200.254.443 > 192.168.200.105.35077: . ack 2305 win 4098 <nop,nop,timestamp 9128793="" 546560334=""> 23:18:06.268948 IP 64.12.28.222.443 > 192.168.200.105.46667: . ack 12 win 16384 23:18:06.820230 IP 192.168.200.254.443 > 192.168.200.105.35068: P 842029:842103(74) ack 0 win 4140 <nop,nop,timestamp 9128711="" 4240378817=""> 23:18:06.820776 IP 192.168.200.254.443 > 192.168.200.105.35068: . 842103:843543(1440) ack 0 win 4140 <nop,nop,timestamp 9128711="" 4240378817=""> 23:18:06.821361 IP 192.168.200.254.443 > 192.168.200.105.35068: . 843543:844983(1440) ack 0 win 4140 <nop,nop,timestamp 9128711="" 4240378818=""> 23:18:06.821759 IP 192.168.200.254.443 > 192.168.200.105.35068: . 844983:846423(1440) ack 0 win 4140 <nop,nop,timestamp 9128711="" 4240378818=""> 23:18:06.821898 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 842103 win 1435 <nop,nop,timestamp 9128959="" 4240378817=""> 23:18:06.822288 IP 192.168.200.254.443 > 192.168.200.105.35068: . 846423:847863(1440) ack 0 win 4140 <nop,nop,timestamp 9128959="" 4240378819=""> 23:18:06.822690 IP 192.168.200.254.443 > 192.168.200.105.35068: . 847863:849303(1440) ack 0 win 4140 <nop,nop,timestamp 9128959="" 4240378819=""> 23:18:06.823897 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 843543 win 1435 <nop,nop,timestamp 9128960="" 4240378817=""> 23:18:06.823942 IP 192.168.200.254.443 > 192.168.200.105.35068: . 849303:850743(1440) ack 0 win 4140 <nop,nop,timestamp 9128960="" 4240378821=""> 23:18:06.823948 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 844983 win 1435 <nop,nop,timestamp 9128960="" 4240378818=""> 23:18:06.823970 IP 192.168.200.254.443 > 192.168.200.105.35068: . 850743:852183(1440) ack 0 win 4140 <nop,nop,timestamp 9128960="" 4240378821=""> 23:18:06.825898 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 846423 win 1413 <nop,nop,timestamp 9128960="" 4240378818=""> 23:18:06.825920 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 847863 win 1391 <nop,nop,timestamp 9128960="" 4240378819=""> 23:18:06.825936 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 849303 win 1369 <nop,nop,timestamp 9128960="" 4240378819=""> 23:18:06.826931 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 850743 win 1347 <nop,nop,timestamp 9128960="" 4240378821=""> 23:18:06.827874 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 852183 win 1435 <nop,nop,timestamp 9128961="" 4240378821=""> 23:18:06.827902 IP 192.168.200.254.443 > 192.168.200.105.35068: P 852183:853437(1254) ack 0 win 4140 <nop,nop,timestamp 9128961="" 4240378825=""> 23:18:06.829892 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 853437 win 1416 <nop,nop,timestamp 9128961="" 4240378825=""> 23:18:07.180617 IP 192.168.200.254.443 > 192.168.200.105.35077: P 1741:2119(378) ack 2305 win 4140 <nop,nop,timestamp 9128793="" 546561358=""> 23:18:07.182105 IP 192.168.200.105.35077 > 192.168.200.254.443: . ack 2119 win 209 <nop,nop,timestamp 9129049="" 546561358=""> 23:18:07.182162 IP 192.168.200.254.443 > 192.168.200.105.35077: P 2119:2341(222) ack 2305 win 4140 <nop,nop,timestamp 9129049="" 546561360=""> 23:18:07.183922 IP 192.168.200.105.35077 > 192.168.200.254.443: . ack 2341 win 226 <nop,nop,timestamp 9129050="" 546561360=""> 23:18:07.183970 IP 192.168.200.254.443 > 192.168.200.105.35077: P 2341:2415(74) ack 2305 win 4140 <nop,nop,timestamp 9129050="" 546561362=""> 23:18:07.185874 IP 192.168.200.105.35077 > 192.168.200.254.443: . ack 2415 win 226 <nop,nop,timestamp 9129050="" 546561362=""> 23:18:07.189911 IP 192.168.200.105.35076 > 192.168.200.254.443: P 4272:4933(661) ack 4293 win 326 <nop,nop,timestamp 9129051="" 4115390161=""> 23:18:07.189940 IP 192.168.200.254.443 > 192.168.200.105.35076: . ack 4933 win 4098 <nop,nop,timestamp 9129051="" 4115391201=""> 23:18:07.820264 IP 192.168.200.254.443 > 192.168.200.105.35068: P 853437:853511(74) ack 0 win 4140 <nop,nop,timestamp 9128961="" 4240379817=""> 23:18:07.820791 IP 192.168.200.254.443 > 192.168.200.105.35068: . 853511:854951(1440) ack 0 win 4140 <nop,nop,timestamp 9128961="" 4240379817=""> 23:18:07.821307 IP 192.168.200.254.443 > 192.168.200.105.35068: . 854951:856391(1440) ack 0 win 4140 <nop,nop,timestamp 9128961="" 4240379818=""> 23:18:07.821701 IP 192.168.200.254.443 > 192.168.200.105.35068: . 856391:857831(1440) ack 0 win 4140 <nop,nop,timestamp 9128961="" 4240379818=""> 23:18:07.821877 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 853511 win 1435 <nop,nop,timestamp 9129209="" 4240379817=""> 23:18:07.822291 IP 192.168.200.254.443 > 192.168.200.105.35068: . 857831:859271(1440) ack 0 win 4140 <nop,nop,timestamp 9129209="" 4240379819=""> 23:18:07.822687 IP 192.168.200.254.443 > 192.168.200.105.35068: . 859271:860711(1440) ack 0 win 4140 <nop,nop,timestamp 9129209="" 4240379819=""> 23:18:07.822949 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 854951 win 1435 <nop,nop,timestamp 9129210="" 4240379817=""> 23:18:07.823237 IP 192.168.200.254.443 > 192.168.200.105.35068: . 860711:862151(1440) ack 0 win 4140 <nop,nop,timestamp 9129210="" 4240379820=""> 23:18:07.823875 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 856391 win 1435 <nop,nop,timestamp 9129210="" 4240379818=""> 23:18:07.823906 IP 192.168.200.254.443 > 192.168.200.105.35068: . 862151:863591(1440) ack 0 win 4140 <nop,nop,timestamp 9129210="" 4240379821=""> 23:18:07.824902 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 857831 win 1413 <nop,nop,timestamp 9129210="" 4240379818=""> 23:18:07.825874 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 859271 win 1391 <nop,nop,timestamp 9129210="" 4240379819=""> 23:18:07.825897 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 860711 win 1369 <nop,nop,timestamp 9129210="" 4240379819=""> 23:18:07.826924 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 862151 win 1347 <nop,nop,timestamp 9129211="" 4240379820=""> 23:18:07.826941 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 863591 win 1325 <nop,nop,timestamp 9129211="" 4240379821=""> 23:18:07.826965 IP 192.168.200.254.443 > 192.168.200.105.35068: P 863591:864781(1190) ack 0 win 4140 <nop,nop,timestamp 9129211="" 4240379824=""> 23:18:07.828889 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 864781 win 1435 <nop,nop,timestamp 9129211="" 4240379824=""> 23:18:08.213175 IP 192.168.200.254.443 > 192.168.200.105.35076: P 4293:4671(378) ack 4933 win 4140 <nop,nop,timestamp 9129051="" 4115392224=""> 23:18:08.214885 IP 192.168.200.105.35076 > 192.168.200.254.443: . ack 4671 win 343 <nop,nop,timestamp 9129308="" 4115392224=""> 23:18:08.214956 IP 192.168.200.254.443 > 192.168.200.105.35076: P 4671:4893(222) ack 4933 win 4140 <nop,nop,timestamp 9129308="" 4115392226=""> 23:18:08.216877 IP 192.168.200.105.35076 > 192.168.200.254.443: . ack 4893 win 360 <nop,nop,timestamp 9129308="" 4115392226=""> 23:18:08.216940 IP 192.168.200.254.443 > 192.168.200.105.35076: P 4893:4967(74) ack 4933 win 4140 <nop,nop,timestamp 9129308="" 4115392228=""> 23:18:08.217973 IP 192.168.200.105.35076 > 192.168.200.254.443: . ack 4967 win 360 <nop,nop,timestamp 9129309="" 4115392228=""> 23:18:08.222874 IP 192.168.200.105.35077 > 192.168.200.254.443: P 2305:2966(661) ack 2415 win 226 <nop,nop,timestamp 9129309="" 546561362=""> 23:18:08.222900 IP 192.168.200.254.443 > 192.168.200.105.35077: . ack 2966 win 4098 <nop,nop,timestamp 9129309="" 546562401=""> 23:18:08.568970 IP 192.168.200.105.35076 > 192.168.200.254.443: P 4933:5578(645) ack 4967 win 360 <nop,nop,timestamp 9129396="" 4115392228=""> 23:18:08.569017 IP 192.168.200.254.443 > 192.168.200.105.35076: . ack 5578 win 4099 <nop,nop,timestamp 9129396="" 4115392580=""> 23:18:08.588471 IP 192.168.200.254.443 > 192.168.200.105.35076: P 4967:5169(202) ack 5578 win 4140 <nop,nop,timestamp 9129396="" 4115392599=""> 23:18:08.589951 IP 192.168.200.105.35076 > 192.168.200.254.443: . ack 5169 win 376 <nop,nop,timestamp 9129401="" 4115392599=""> 23:18:08.590015 IP 192.168.200.254.443 > 192.168.200.105.35076: P 5169:5423(254) ack 5578 win 4140 <nop,nop,timestamp 9129401="" 4115392601=""> 23:18:08.591876 IP 192.168.200.105.35076 > 192.168.200.254.443: . ack 5423 win 393 <nop,nop,timestamp 9129402="" 4115392601=""> 23:18:08.591921 IP 192.168.200.254.443 > 192.168.200.105.35076: P 5423:5497(74) ack 5578 win 4140 <nop,nop,timestamp 9129402="" 4115392603=""> 23:18:08.593013 IP 192.168.200.105.35076 > 192.168.200.254.443: . ack 5497 win 393 <nop,nop,timestamp 9129402="" 4115392603=""> 23:18:08.820313 IP 192.168.200.254.443 > 192.168.200.105.35068: P 864781:864855(74) ack 0 win 4140 <nop,nop,timestamp 9129211="" 4240380817=""> 23:18:08.820858 IP 192.168.200.254.443 > 192.168.200.105.35068: . 864855:866295(1440) ack 0 win 4140 <nop,nop,timestamp 9129211="" 4240380817=""> 23:18:08.821491 IP 192.168.200.254.443 > 192.168.200.105.35068: . 866295:867735(1440) ack 0 win 4140 <nop,nop,timestamp 9129211="" 4240380818=""> 23:18:08.821934 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 864855 win 1435 <nop,nop,timestamp 9129459="" 4240380817=""> 23:18:08.822307 IP 192.168.200.254.443 > 192.168.200.105.35068: . 867735:869175(1440) ack 0 win 4140 <nop,nop,timestamp 9129459="" 4240380819=""> 23:18:08.822578 IP 192.168.200.254.443 > 192.168.200.105.35068: . 869175:870615(1440) ack 0 win 4140 <nop,nop,timestamp 9129459="" 4240380819=""> 23:18:08.822837 IP 192.168.200.254.443 > 192.168.200.105.35068: . 870615:872055(1440) ack 0 win 4140 <nop,nop,timestamp 9129459="" 4240380819=""> 23:18:08.822906 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 866295 win 1435 <nop,nop,timestamp 9129460="" 4240380817=""> 23:18:08.823242 IP 192.168.200.254.443 > 192.168.200.105.35068: . 872055:873495(1440) ack 0 win 4140 <nop,nop,timestamp 9129460="" 4240380820=""> 23:18:08.823917 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 867735 win 1435 <nop,nop,timestamp 9129460="" 4240380818=""> 23:18:08.823949 IP 192.168.200.254.443 > 192.168.200.105.35068: . 873495:874935(1440) ack 0 win 4140 <nop,nop,timestamp 9129460="" 4240380821=""> 23:18:08.824874 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 869175 win 1413 <nop,nop,timestamp 9129460="" 4240380819=""> 23:18:08.825890 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 870615 win 1391 <nop,nop,timestamp 9129460="" 4240380819=""> 23:18:08.826893 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 872055 win 1369 <nop,nop,timestamp 9129460="" 4240380819=""> 23:18:08.826910 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 873495 win 1347 <nop,nop,timestamp 9129460="" 4240380820=""> 23:18:08.826926 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 874935 win 1325 <nop,nop,timestamp 9129460="" 4240380821=""> 23:18:08.826951 IP 192.168.200.254.443 > 192.168.200.105.35068: P 874935:875855(920) ack 0 win 4140 <nop,nop,timestamp 9129460="" 4240380824=""> 23:18:08.828895 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 875855 win 1435 <nop,nop,timestamp 9129461="" 4240380824=""> 23:18:09.246336 IP 192.168.200.254.443 > 192.168.200.105.35077: P 2415:2793(378) ack 2966 win 4140 <nop,nop,timestamp 9129309="" 546563424=""> 23:18:09.250927 IP 192.168.200.105.35077 > 192.168.200.254.443: . ack 2793 win 242 <nop,nop,timestamp 9129567="" 546563424=""> 23:18:09.250975 IP 192.168.200.254.443 > 192.168.200.105.35077: P 2793:3089(296) ack 2966 win 4140 <nop,nop,timestamp 9129567="" 546563429=""> 23:18:09.252873 IP 192.168.200.105.35077 > 192.168.200.254.443: . ack 3089 win 259 <nop,nop,timestamp 9129567="" 546563429=""> 23:18:09.257874 IP 192.168.200.105.35077 > 192.168.200.254.443: P 2966:3627(661) ack 3089 win 259 <nop,nop,timestamp 9129568="" 546563429=""> 23:18:09.257907 IP 192.168.200.254.443 > 192.168.200.105.35077: . ack 3627 win 4098 <nop,nop,timestamp 9129568="" 546563436=""> 23:18:09.473899 IP 192.168.200.105.35076 > 192.168.200.254.443: F 5578:5578(0) ack 5497 win 393 <nop,nop,timestamp 9129622="" 4115392603=""> 23:18:09.473951 IP 192.168.200.254.443 > 192.168.200.105.35076: . ack 5579 win 4140 <nop,nop,timestamp 9129622="" 4115393485=""> 23:18:09.474075 IP 192.168.200.105.35079 > 192.168.200.254.443: S 546726299:546726299(0) win 5840 <mss 6="" 9129622="" 1460,sackok,timestamp="" 0,nop,wscale=""> 23:18:09.474177 IP 192.168.200.254.443 > 192.168.200.105.35079: S 2823562714:2823562714(0) ack 546726300 win 65228 <mss 9129622="" 2197200979="" 1452,nop,wscale="" 4,sackok,timestamp=""> 23:18:09.474307 IP 192.168.200.254.443 > 192.168.200.105.35076: P 5497:5534(37) ack 5579 win 4140 <nop,nop,timestamp 9129622="" 4115393485=""> 23:18:09.474345 IP 192.168.200.254.443 > 192.168.200.105.35076: F 5534:5534(0) ack 5579 win 4140 <nop,nop,timestamp 9129622="" 4115393485=""> 23:18:09.475874 IP 192.168.200.105.35079 > 192.168.200.254.443: . ack 1 win 92 <nop,nop,timestamp 9129623="" 2197200979=""> 23:18:09.476900 IP 192.168.200.105.35076 > 192.168.200.254.443: R 337515393:337515393(0) win 0 23:18:09.476934 IP 192.168.200.105.35079 > 192.168.200.254.443: P 1:151(150) ack 1 win 92 <nop,nop,timestamp 9129623="" 2197200979=""> 23:18:09.476962 IP 192.168.200.254.443 > 192.168.200.105.35079: . ack 151 win 4130 <nop,nop,timestamp 9129623="" 2197200982=""> 23:18:09.476986 IP 192.168.200.105.35076 > 192.168.200.254.443: R 337515393:337515393(0) win 0 23:18:09.477340 IP 192.168.200.254.443 > 192.168.200.105.35079: P 1:139(138) ack 151 win 4140 <nop,nop,timestamp 9129623="" 2197200982=""> 23:18:09.478889 IP 192.168.200.105.35079 > 192.168.200.254.443: . ack 139 win 108 <nop,nop,timestamp 9129623="" 2197200982=""> 23:18:09.480874 IP 192.168.200.105.35079 > 192.168.200.254.443: P 151:157(6) ack 139 win 108 <nop,nop,timestamp 9129624="" 2197200982=""> 23:18:09.480906 IP 192.168.200.254.443 > 192.168.200.105.35079: . ack 157 win 4139 <nop,nop,timestamp 9129624="" 2197200986=""> 23:18:09.481875 IP 192.168.200.105.35079 > 192.168.200.254.443: P 157:210(53) ack 139 win 108 <nop,nop,timestamp 9129624="" 2197200986=""> 23:18:09.481898 IP 192.168.200.254.443 > 192.168.200.105.35079: . ack 210 win 4136 <nop,nop,timestamp 9129624="" 2197200987=""> 23:18:09.483874 IP 192.168.200.105.35079 > 192.168.200.254.443: P 210:983(773) ack 139 win 108 <nop,nop,timestamp 9129625="" 2197200987=""> 23:18:09.483901 IP 192.168.200.254.443 > 192.168.200.105.35079: . ack 983 win 4091 <nop,nop,timestamp 9129625="" 2197200989=""> 23:18:09.500115 IP 192.168.200.254.443 > 192.168.200.105.35079: P 139:517(378) ack 983 win 4140 <nop,nop,timestamp 9129625="" 2197201004=""> 23:18:09.538902 IP 192.168.200.105.35079 > 192.168.200.254.443: . ack 517 win 125 <nop,nop,timestamp 9129639="" 2197201004=""> 23:18:09.538956 IP 192.168.200.254.443 > 192.168.200.105.35079: P 517:739(222) ack 983 win 4140 <nop,nop,timestamp 9129639="" 2197201044=""> 23:18:09.540873 IP 192.168.200.105.35079 > 192.168.200.254.443: . ack 739 win 142 <nop,nop,timestamp 9129639="" 2197201044=""> 23:18:09.820291 IP 192.168.200.254.443 > 192.168.200.105.35068: P 875855:875929(74) ack 0 win 4140 <nop,nop,timestamp 9129461="" 4240381817=""> 23:18:09.821117 IP 192.168.200.254.443 > 192.168.200.105.35068: . 875929:877369(1440) ack 0 win 4140 <nop,nop,timestamp 9129461="" 4240381818=""> 23:18:09.821876 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 875929 win 1435 <nop,nop,timestamp 9129709="" 4240381817=""> 23:18:09.822265 IP 192.168.200.254.443 > 192.168.200.105.35068: . 877369:878809(1440) ack 0 win 4140 <nop,nop,timestamp 9129709="" 4240381819=""> 23:18:09.822521 IP 192.168.200.254.443 > 192.168.200.105.35068: . 878809:880249(1440) ack 0 win 4140 <nop,nop,timestamp 9129709="" 4240381819=""> 23:18:09.822778 IP 192.168.200.254.443 > 192.168.200.105.35068: . 880249:881689(1440) ack 0 win 4140 <nop,nop,timestamp 9129709="" 4240381819=""> 23:18:09.823168 IP 192.168.200.254.443 > 192.168.200.105.35068: . 881689:883129(1440) ack 0 win 4140 <nop,nop,timestamp 9129709="" 4240381820=""> 23:18:09.823875 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 877369 win 1435 <nop,nop,timestamp 9129710="" 4240381818=""> 23:18:09.823901 IP 192.168.200.254.443 > 192.168.200.105.35068: . 883129:884569(1440) ack 0 win 4140 <nop,nop,timestamp 9129710="" 4240381821=""> 23:18:09.824892 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 878809 win 1435 <nop,nop,timestamp 9129710="" 4240381819=""> 23:18:09.824919 IP 192.168.200.254.443 > 192.168.200.105.35068: . 884569:886009(1440) ack 0 win 4140 <nop,nop,timestamp 9129710="" 4240381822=""> 23:18:09.825089 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 880249 win 1413 <nop,nop,timestamp 9129710="" 4240381819=""> 23:18:09.825112 IP 192.168.200.254.443 > 192.168.200.105.35068: . 886009:887449(1440) ack 0 win 4140 <nop,nop,timestamp 9129710="" 4240381822=""> 23:18:09.825908 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 881689 win 1391 <nop,nop,timestamp 9129710="" 4240381819=""> 23:18:09.825934 IP 192.168.200.254.443 > 192.168.200.105.35068: . 887449:888889(1440) ack 0 win 4140 <nop,nop,timestamp 9129710="" 4240381823=""> 23:18:09.827873 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 883129 win 1369 <nop,nop,timestamp 9129710="" 4240381820=""> 23:18:09.827904 IP 192.168.200.254.443 > 192.168.200.105.35068: . 888889:890329(1440) ack 0 win 4140 <nop,nop,timestamp 9129710="" 4240381825=""> 23:18:09.828906 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 884569 win 1347 <nop,nop,timestamp 9129710="" 4240381821=""> 23:18:09.828935 IP 192.168.200.254.443 > 192.168.200.105.35068: . 890329:891769(1440) ack 0 win 4140 <nop,nop,timestamp 9129710="" 4240381826=""> 23:18:09.828946 IP 192.168.200.254.443 > 192.168.200.105.35068: . 891769:893209(1440) ack 0 win 4140 <nop,nop,timestamp 9129710="" 4240381826=""> 23:18:09.828952 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 886009 win 1435 <nop,nop,timestamp 9129711="" 4240381822=""> 23:18:09.828977 IP 192.168.200.254.443 > 192.168.200.105.35068: . 893209:894649(1440) ack 0 win 4140 <nop,nop,timestamp 9129711="" 4240381826=""> 23:18:09.828983 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 887449 win 1413 <nop,nop,timestamp 9129711="" 4240381822=""> 23:18:09.829001 IP 192.168.200.254.443 > 192.168.200.105.35068: . 894649:896089(1440) ack 0 win 4140 <nop,nop,timestamp 9129711="" 4240381826=""> 23:18:09.829124 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 888889 win 1391 <nop,nop,timestamp 9129711="" 4240381823=""> 23:18:09.829148 IP 192.168.200.254.443 > 192.168.200.105.35068: . 896089:897529(1440) ack 0 win 4140 <nop,nop,timestamp 9129711="" 4240381826=""> 23:18:09.830876 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 890329 win 1369 <nop,nop,timestamp 9129711="" 4240381825=""> 23:18:09.831874 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 891769 win 1347 <nop,nop,timestamp 9129712="" 4240381826=""> 23:18:09.831897 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 893209 win 1325 <nop,nop,timestamp 9129712="" 4240381826=""> 23:18:09.831939 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 894649 win 1303 <nop,nop,timestamp 9129712="" 4240381826=""> 23:18:09.832890 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 896089 win 1281 <nop,nop,timestamp 9129712="" 4240381826=""> 23:18:09.870893 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 897529 win 1441 <nop,nop,timestamp 9129722="" 4240381826=""> 23:18:09.870944 IP 192.168.200.254.443 > 192.168.200.105.35068: P 897529:898385(856) ack 0 win 4140 <nop,nop,timestamp 9129722="" 4240381868=""> 23:18:09.872921 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 898385 win 1441 <nop,nop,timestamp 9129722="" 4240381868=""> 23:18:10.282461 IP 192.168.200.254.443 > 192.168.200.105.35077: P 3089:3467(378) ack 3627 win 4140 <nop,nop,timestamp 9129568="" 546564460=""> 23:18:10.322891 IP 192.168.200.105.35077 > 192.168.200.254.443: . ack 3467 win 276 <nop,nop,timestamp 9129835="" 546564460=""> 23:18:10.322943 IP 192.168.200.254.443 > 192.168.200.105.35077: P 3467:3763(296) ack 3627 win 4140 <nop,nop,timestamp 9129835="" 546564501=""> 23:18:10.324873 IP 192.168.200.105.35077 > 192.168.200.254.443: . ack 3763 win 293 <nop,nop,timestamp 9129835="" 546564501=""> 23:18:10.329874 IP 192.168.200.105.35077 > 192.168.200.254.443: P 3627:4288(661) ack 3763 win 293 <nop,nop,timestamp 9129836="" 546564501=""> 23:18:10.329905 IP 192.168.200.254.443 > 192.168.200.105.35077: . ack 4288 win 4098 <nop,nop,timestamp 9129836="" 546564508=""> 23:18:10.529521 IP 192.168.200.254.443 > 192.168.200.105.35079: P 739:813(74) ack 983 win 4140 <nop,nop,timestamp 9129639="" 2197202034=""> 23:18:10.530992 IP 192.168.200.105.35079 > 192.168.200.254.443: . ack 813 win 142 <nop,nop,timestamp 9129887="" 2197202034=""> 23:18:10.531055 IP 192.168.200.254.443 > 192.168.200.105.35079: P 813:993(180) ack 983 win 4140 <nop,nop,timestamp 9129887="" 2197202036=""> 23:18:10.532876 IP 192.168.200.105.35079 > 192.168.200.254.443: . ack 993 win 159 <nop,nop,timestamp 9129887="" 2197202036=""> 23:18:10.532925 IP 192.168.200.254.443 > 192.168.200.105.35079: P 993:1067(74) ack 983 win 4140 <nop,nop,timestamp 9129887="" 2197202038=""> 23:18:10.533945 IP 192.168.200.105.35079 > 192.168.200.254.443: . ack 1067 win 159 <nop,nop,timestamp 9129887="" 2197202038=""> 23:18:10.820317 IP 192.168.200.254.443 > 192.168.200.105.35068: P 898385:898459(74) ack 0 win 4140 <nop,nop,timestamp 9129722="" 4240382817=""> 23:18:10.820845 IP 192.168.200.254.443 > 192.168.200.105.35068: . 898459:899899(1440) ack 0 win 4140 <nop,nop,timestamp 9129722="" 4240382817=""> 23:18:10.821393 IP 192.168.200.254.443 > 192.168.200.105.35068: . 899899:901339(1440) ack 0 win 4140 <nop,nop,timestamp 9129722="" 4240382818=""> 23:18:10.821794 IP 192.168.200.254.443 > 192.168.200.105.35068: . 901339:902779(1440) ack 0 win 4140 <nop,nop,timestamp 9129722="" 4240382818=""> 23:18:10.822932 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 898459 win 1440 <nop,nop,timestamp 9129959="" 4240382817=""> 23:18:10.822968 IP 192.168.200.254.443 > 192.168.200.105.35068: . 902779:904219(1440) ack 0 win 4140 <nop,nop,timestamp 9129959="" 4240382820=""> 23:18:10.822980 IP 192.168.200.254.443 > 192.168.200.105.35068: . 904219:905659(1440) ack 0 win 4140 <nop,nop,timestamp 9129959="" 4240382820=""> 23:18:10.822985 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 899899 win 1435 <nop,nop,timestamp 9129960="" 4240382817=""> 23:18:10.823335 IP 192.168.200.254.443 > 192.168.200.105.35068: . 905659:907099(1440) ack 0 win 4140 <nop,nop,timestamp 9129960="" 4240382820=""> 23:18:10.824875 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 901339 win 1435 <nop,nop,timestamp 9129960="" 4240382818=""> 23:18:10.824909 IP 192.168.200.254.443 > 192.168.200.105.35068: . 907099:908539(1440) ack 0 win 4140 <nop,nop,timestamp 9129960="" 4240382822=""> 23:18:10.827873 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 902779 win 1413 <nop,nop,timestamp 9129960="" 4240382818=""> 23:18:10.827897 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 904219 win 1391 <nop,nop,timestamp 9129960="" 4240382820=""> 23:18:10.827917 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 905659 win 1369 <nop,nop,timestamp 9129961="" 4240382820=""> 23:18:10.827932 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 907099 win 1435 <nop,nop,timestamp 9129961="" 4240382820=""> 23:18:10.827946 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 908539 win 1413 <nop,nop,timestamp 9129961="" 4240382822=""> 23:18:10.827970 IP 192.168.200.254.443 > 192.168.200.105.35068: P 908539:909491(952) ack 0 win 4140 <nop,nop,timestamp 9129961="" 4240382825=""> 23:18:10.829874 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 909491 win 1399 <nop,nop,timestamp 9129961="" 4240382825=""> 23:18:11.354141 IP 192.168.200.254.443 > 192.168.200.105.35077: P 3763:4141(378) ack 4288 win 4140 <nop,nop,timestamp 9129836="" 546565532=""> 23:18:11.394874 IP 192.168.200.105.35077 > 192.168.200.254.443: . ack 4141 win 309 <nop,nop,timestamp 9130103="" 546565532=""> 23:18:11.394924 IP 192.168.200.254.443 > 192.168.200.105.35077: P 4141:4437(296) ack 4288 win 4140 <nop,nop,timestamp 9130103="" 546565573=""> 23:18:11.396874 IP 192.168.200.105.35077 > 192.168.200.254.443: . ack 4437 win 326 <nop,nop,timestamp 9130103="" 546565573=""> 23:18:11.400874 IP 192.168.200.105.35079 > 192.168.200.254.443: P 983:1644(661) ack 1067 win 159 <nop,nop,timestamp 9130104="" 2197202038=""> 23:18:11.400903 IP 192.168.200.254.443 > 192.168.200.105.35079: . ack 1644 win 4098 <nop,nop,timestamp 9130104="" 2197202906=""> 23:18:11.596874 IP 192.168.200.105.35077 > 192.168.200.254.443: P 4288:4933(645) ack 4437 win 326 <nop,nop,timestamp 9130153="" 546565573=""> 23:18:11.596921 IP 192.168.200.254.443 > 192.168.200.105.35077: . ack 4933 win 4099 <nop,nop,timestamp 9130153="" 546565775=""> 23:18:11.617487 IP 192.168.200.254.443 > 192.168.200.105.35077: P 4437:4639(202) ack 4933 win 4140 <nop,nop,timestamp 9130153="" 546565795=""> 23:18:11.618921 IP 192.168.200.105.35077 > 192.168.200.254.443: . ack 4639 win 343 <nop,nop,timestamp 9130158="" 546565795=""> 23:18:11.619001 IP 192.168.200.254.443 > 192.168.200.105.35077: P 4639:4893(254) ack 4933 win 4140 <nop,nop,timestamp 9130158="" 546565797=""> 23:18:11.620876 IP 192.168.200.105.35077 > 192.168.200.254.443: . ack 4893 win 360 <nop,nop,timestamp 9130159="" 546565797=""> 23:18:11.620930 IP 192.168.200.254.443 > 192.168.200.105.35077: P 4893:4967(74) ack 4933 win 4140 <nop,nop,timestamp 9130159="" 546565799=""> 23:18:11.621983 IP 192.168.200.105.35077 > 192.168.200.254.443: . ack 4967 win 360 <nop,nop,timestamp 9130159="" 546565799=""> 23:18:11.820390 IP 192.168.200.254.443 > 192.168.200.105.35068: P 909491:909565(74) ack 0 win 4140 <nop,nop,timestamp 9129961="" 4240383817=""> 23:18:11.821090 IP 192.168.200.254.443 > 192.168.200.105.35068: . 909565:911005(1440) ack 0 win 4140 <nop,nop,timestamp 9129961="" 4240383818=""> 23:18:11.821501 IP 192.168.200.254.443 > 192.168.200.105.35068: . 911005:912445(1440) ack 0 win 4140 <nop,nop,timestamp 9129961="" 4240383818=""> 23:18:11.822099 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 909565 win 1435 <nop,nop,timestamp 9130209="" 4240383817=""> 23:18:11.822228 IP 192.168.200.254.443 > 192.168.200.105.35068: . 912445:913885(1440) ack 0 win 4140 <nop,nop,timestamp 9130209="" 4240383819=""> 23:18:11.822661 IP 192.168.200.254.443 > 192.168.200.105.35068: . 913885:915325(1440) ack 0 win 4140 <nop,nop,timestamp 9130209="" 4240383819=""> 23:18:11.823284 IP 192.168.200.254.443 > 192.168.200.105.35068: . 915325:916765(1440) ack 0 win 4140 <nop,nop,timestamp 9130209="" 4240383820=""> 23:18:11.823934 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 911005 win 1435 <nop,nop,timestamp 9130210="" 4240383818=""> 23:18:11.823971 IP 192.168.200.254.443 > 192.168.200.105.35068: . 916765:918205(1440) ack 0 win 4140 <nop,nop,timestamp 9130210="" 4240383821=""> 23:18:11.823977 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 912445 win 1435 <nop,nop,timestamp 9130210="" 4240383818=""> 23:18:11.824239 IP 192.168.200.254.443 > 192.168.200.105.35068: . 918205:919645(1440) ack 0 win 4140 <nop,nop,timestamp 9130210="" 4240383821=""> 23:18:11.824876 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 913885 win 1413 <nop,nop,timestamp 9130210="" 4240383819=""> 23:18:11.825874 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 915325 win 1391 <nop,nop,timestamp 9130210="" 4240383819=""> 23:18:11.825892 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 916765 win 1435 <nop,nop,timestamp 9130210="" 4240383820=""> 23:18:11.826902 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 918205 win 1413 <nop,nop,timestamp 9130210="" 4240383821=""> 23:18:11.826923 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 919645 win 1391 <nop,nop,timestamp 9130210="" 4240383821=""> 23:18:11.826955 IP 192.168.200.254.443 > 192.168.200.105.35068: P 919645:920581(936) ack 0 win 4140 <nop,nop,timestamp 9130210="" 4240383824=""> 23:18:11.828895 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 920581 win 1377 <nop,nop,timestamp 9130211="" 4240383824=""> 23:18:12.425312 IP 192.168.200.254.443 > 192.168.200.105.35079: P 1067:1445(378) ack 1644 win 4140 <nop,nop,timestamp 9130104="" 2197203930=""> 23:18:12.426948 IP 192.168.200.105.35079 > 192.168.200.254.443: . ack 1445 win 175 <nop,nop,timestamp 9130361="" 2197203930=""> 23:18:12.427012 IP 192.168.200.254.443 > 192.168.200.105.35079: P 1445:1667(222) ack 1644 win 4140 <nop,nop,timestamp 9130361="" 2197203932=""> 23:18:12.428113 IP 192.168.200.105.35079 > 192.168.200.254.443: . ack 1667 win 192 <nop,nop,timestamp 9130361="" 2197203932=""> 23:18:12.428154 IP 192.168.200.254.443 > 192.168.200.105.35079: P 1667:1741(74) ack 1644 win 4140 <nop,nop,timestamp 9130361="" 2197203933=""> 23:18:12.429874 IP 192.168.200.105.35079 > 192.168.200.254.443: . ack 1741 win 192 <nop,nop,timestamp 9130361="" 2197203933=""> 23:18:12.432923 IP 192.168.200.105.35079 > 192.168.200.254.443: P 1644:2305(661) ack 1741 win 192 <nop,nop,timestamp 9130362="" 2197203933=""> 23:18:12.432947 IP 192.168.200.254.443 > 192.168.200.105.35079: . ack 2305 win 4098 <nop,nop,timestamp 9130362="" 2197203938=""> 23:18:12.820334 IP 192.168.200.254.443 > 192.168.200.105.35068: P 920581:920655(74) ack 0 win 4140 <nop,nop,timestamp 9130211="" 4240384817=""> 23:18:12.820861 IP 192.168.200.254.443 > 192.168.200.105.35068: . 920655:922095(1440) ack 0 win 4140 <nop,nop,timestamp 9130211="" 4240384817=""> 23:18:12.821652 IP 192.168.200.254.443 > 192.168.200.105.35068: . 922095:923535(1440) ack 0 win 4140 <nop,nop,timestamp 9130211="" 4240384818=""> 23:18:12.822041 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 920655 win 1435 <nop,nop,timestamp 9130459="" 4240384817=""> 23:18:12.822399 IP 192.168.200.254.443 > 192.168.200.105.35068: . 923535:924975(1440) ack 0 win 4140 <nop,nop,timestamp 9130459="" 4240384819=""> 23:18:12.822800 IP 192.168.200.254.443 > 192.168.200.105.35068: . 924975:926415(1440) ack 0 win 4140 <nop,nop,timestamp 9130459="" 4240384819=""> 23:18:12.822896 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 922095 win 1435 <nop,nop,timestamp 9130460="" 4240384817=""> 23:18:12.823311 IP 192.168.200.254.443 > 192.168.200.105.35068: . 926415:927855(1440) ack 0 win 4140 <nop,nop,timestamp 9130460="" 4240384820=""> 23:18:12.823713 IP 192.168.200.254.443 > 192.168.200.105.35068: . 927855:929295(1440) ack 0 win 4140 <nop,nop,timestamp 9130460="" 4240384820=""> 23:18:12.823930 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 923535 win 1435 <nop,nop,timestamp 9130460="" 4240384818=""> 23:18:12.824275 IP 192.168.200.254.443 > 192.168.200.105.35068: . 929295:930735(1440) ack 0 win 4140 <nop,nop,timestamp 9130460="" 4240384821=""> 23:18:12.824906 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 924975 win 1413 <nop,nop,timestamp 9130460="" 4240384819=""> 23:18:12.824940 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 926415 win 1391 <nop,nop,timestamp 9130460="" 4240384819=""> 23:18:12.825874 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 927855 win 1369 <nop,nop,timestamp 9130460="" 4240384820=""> 23:18:12.825908 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 929295 win 1347 <nop,nop,timestamp 9130460="" 4240384820=""> 23:18:12.826903 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 930735 win 1325 <nop,nop,timestamp 9130461="" 4240384821=""> 23:18:12.826941 IP 192.168.200.254.443 > 192.168.200.105.35068: P 930735:931687(952) ack 0 win 4140 <nop,nop,timestamp 9130461="" 4240384824=""> 23:18:12.828982 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 931687 win 1435 <nop,nop,timestamp 9130461="" 4240384824=""> 23:18:13.457096 IP 192.168.200.254.443 > 192.168.200.105.35079: P 1741:2119(378) ack 2305 win 4140 <nop,nop,timestamp 9130362="" 2197204962=""> 23:18:13.521874 IP 192.168.200.105.35079 > 192.168.200.254.443: . ack 2119 win 209 <nop,nop,timestamp 9130628="" 2197204962=""> 23:18:13.521931 IP 192.168.200.254.443 > 192.168.200.105.35079: P 2119:2415(296) ack 2305 win 4140 <nop,nop,timestamp 9130628="" 2197205027=""> 23:18:13.523873 IP 192.168.200.105.35079 > 192.168.200.254.443: . ack 2415 win 226 <nop,nop,timestamp 9130635="" 2197205027=""> 23:18:13.527873 IP 192.168.200.105.35077 > 192.168.200.254.443: P 4933:5594(661) ack 4967 win 360 <nop,nop,timestamp 9130636="" 546565799=""> 23:18:13.527902 IP 192.168.200.254.443 > 192.168.200.105.35077: . ack 5594 win 4098 <nop,nop,timestamp 9130636="" 546567706=""> 23:18:13.820309 IP 192.168.200.254.443 > 192.168.200.105.35068: P 931687:931761(74) ack 0 win 4140 <nop,nop,timestamp 9130461="" 4240385817=""> 23:18:13.820795 IP 192.168.200.254.443 > 192.168.200.105.35068: . 931761:933201(1440) ack 0 win 4140 <nop,nop,timestamp 9130461="" 4240385817=""> 23:18:13.821349 IP 192.168.200.254.443 > 192.168.200.105.35068: . 933201:934641(1440) ack 0 win 4140 <nop,nop,timestamp 9130461="" 4240385818=""> 23:18:13.822093 IP 192.168.200.254.443 > 192.168.200.105.35068: . 934641:936081(1440) ack 0 win 4140 <nop,nop,timestamp 9130461="" 4240385819=""> 23:18:13.822929 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 931761 win 1435 <nop,nop,timestamp 9130709="" 4240385817=""> 23:18:13.822974 IP 192.168.200.254.443 > 192.168.200.105.35068: . 936081:937521(1440) ack 0 win 4140 <nop,nop,timestamp 9130709="" 4240385820=""> 23:18:13.822986 IP 192.168.200.254.443 > 192.168.200.105.35068: . 937521:938961(1440) ack 0 win 4140 <nop,nop,timestamp 9130709="" 4240385820=""> 23:18:13.822992 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 933201 win 1435 <nop,nop,timestamp 9130710="" 4240385817=""> 23:18:13.823012 IP 192.168.200.254.443 > 192.168.200.105.35068: . 938961:940401(1440) ack 0 win 4140 <nop,nop,timestamp 9130710="" 4240385820=""> 23:18:13.823876 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 934641 win 1435 <nop,nop,timestamp 9130710="" 4240385818=""> 23:18:13.823912 IP 192.168.200.254.443 > 192.168.200.105.35068: . 940401:941841(1440) ack 0 win 4140 <nop,nop,timestamp 9130710="" 4240385821=""> 23:18:13.824904 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 936081 win 1413 <nop,nop,timestamp 9130710="" 4240385819=""> 23:18:13.824929 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 937521 win 1391 <nop,nop,timestamp 9130710="" 4240385820=""> 23:18:13.826888 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 938961 win 1369 <nop,nop,timestamp 9130710="" 4240385820=""> 23:18:13.826945 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 940401 win 1347 <nop,nop,timestamp 9130710="" 4240385820=""> 23:18:13.827009 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 941841 win 1325 <nop,nop,timestamp 9130710="" 4240385821=""> 23:18:13.827035 IP 192.168.200.254.443 > 192.168.200.105.35068: P 941841:943127(1286) ack 0 win 4140 <nop,nop,timestamp 9130710="" 4240385824=""> 23:18:13.828902 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 943127 win 1435 <nop,nop,timestamp 9130711="" 4240385824=""> 23:18:14.552371 IP 192.168.200.254.443 > 192.168.200.105.35077: P 4967:5345(378) ack 5594 win 4140 <nop,nop,timestamp 9130636="" 546568730=""> 23:18:14.554935 IP 192.168.200.105.35077 > 192.168.200.254.443: . ack 5345 win 376 <nop,nop,timestamp 9130892="" 546568730=""> 23:18:14.555006 IP 192.168.200.254.443 > 192.168.200.105.35077: P 5345:5641(296) ack 5594 win 4140 <nop,nop,timestamp 9130892="" 546568733=""> 23:18:14.556873 IP 192.168.200.105.35077 > 192.168.200.254.443: . ack 5641 win 393 <nop,nop,timestamp 9130893="" 546568733=""> 23:18:14.560910 IP 192.168.200.105.35079 > 192.168.200.254.443: P 2305:2966(661) ack 2415 win 226 <nop,nop,timestamp 9130894="" 2197205027=""> 23:18:14.560939 IP 192.168.200.254.443 > 192.168.200.105.35079: . ack 2966 win 4098 <nop,nop,timestamp 9130894="" 2197206066=""> 23:18:14.626873 IP 192.168.200.105.35077 > 192.168.200.254.443: P 5594:6239(645) ack 5641 win 393 <nop,nop,timestamp 9130910="" 546568733=""> 23:18:14.626920 IP 192.168.200.254.443 > 192.168.200.105.35077: . ack 6239 win 4099 <nop,nop,timestamp 9130910="" 546568805=""> 23:18:14.646668 IP 192.168.200.254.443 > 192.168.200.105.35077: P 5641:5843(202) ack 6239 win 4140 <nop,nop,timestamp 9130910="" 546568824=""> 23:18:14.647938 IP 192.168.200.105.35077 > 192.168.200.254.443: . ack 5843 win 410 <nop,nop,timestamp 9130916="" 546568824=""> 23:18:14.648016 IP 192.168.200.254.443 > 192.168.200.105.35077: P 5843:6097(254) ack 6239 win 4140 <nop,nop,timestamp 9130916="" 546568826=""> 23:18:14.649914 IP 192.168.200.105.35077 > 192.168.200.254.443: . ack 6097 win 427 <nop,nop,timestamp 9130916="" 546568826=""> 23:18:14.649973 IP 192.168.200.254.443 > 192.168.200.105.35077: P 6097:6171(74) ack 6239 win 4140 <nop,nop,timestamp 9130916="" 546568828=""> 23:18:14.650951 IP 192.168.200.105.35077 > 192.168.200.254.443: . ack 6171 win 427 <nop,nop,timestamp 9130917="" 546568828=""> 23:18:14.820358 IP 192.168.200.254.443 > 192.168.200.105.35068: P 943127:943201(74) ack 0 win 4140 <nop,nop,timestamp 9130711="" 4240386817=""> 23:18:14.820848 IP 192.168.200.254.443 > 192.168.200.105.35068: . 943201:944641(1440) ack 0 win 4140 <nop,nop,timestamp 9130711="" 4240386817=""> 23:18:14.821431 IP 192.168.200.254.443 > 192.168.200.105.35068: . 944641:946081(1440) ack 0 win 4140 <nop,nop,timestamp 9130711="" 4240386818=""> 23:18:14.821920 IP 192.168.200.105.35068 > 192.168.200.254.443: . ack 943201 win 1435 <nop,nop,timestamp 9130959="" 4240386817=""> 23:18:14.822214 IP 192.168.200.254.443 > 192.168.200.105.35068: . 946081:947521(1440) ack 0 win 4140 <nop,nop,timestamp 9130959="" 4240386819=""> 23:18:14.822472 IP 192.168.200.254.443 > 192.168.200.105.35068: P 947521:948961(1440) ack 0 win 4140 <nop,nop,timestamp 9130959="" 4240386819=""></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></mss></mss></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></mss></mss></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></mss></mss></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp></nop,nop,timestamp>
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.