From owner-freebsd-questions  Tue Apr  9  2:57:57 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from mail.hal-pc.org (mail.hal-pc.org [206.180.145.133])
	by hub.freebsd.org (Postfix) with ESMTP id EEA1B37B419
	for <freebsd-questions@freebsd.org>; Tue,  9 Apr 2002 02:57:55 -0700 (PDT)
Received: from [204.52.135.14] (HELO Debug)
  by mail.hal-pc.org (CommuniGate Pro SMTP 3.5.6)
  with SMTP id 7628624 for freebsd-questions@freebsd.org; Tue, 09 Apr 2002 03:57:55 -0600
To: freebsd-questions@freebsd.org
From: cravey@hal-pc.org
Subject: ipfw config to only allow gif tunnels.
Date: Tue, 9 Apr 2002 09:57:55 GMT
X-Mailer: Endymion MailMan Standard Edition v3.0.16
Message-ID: <auto-000007628624@mail.hal-pc.org>
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

How do I configure ipfw to allow gif tunnels to/from a specific IP address. I've
got the tunnels up and running, but I don't want everything to be passed for
every port. TCPdump doesn't give port numbers for gif tunnels and I'm either
blind or it's not clearly marked in the gif kernel code either. I suppose I
COULD tcpdump to hex and decode by hand, but I'm not sure that would get me all
of what I need.

Basically, I'm trying to deny everything except the gif tunnel. I'm running
4.5-RELEASE-p2 on i386.

Thanks,

-Stephen


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message