From owner-freebsd-ipfw@FreeBSD.ORG Fri Sep 23 16:34:22 2005 Return-Path: X-Original-To: freebsd-ipfw@freebsd.org Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C576E16A41F for ; Fri, 23 Sep 2005 16:34:22 +0000 (GMT) (envelope-from cswiger@mac.com) Received: from pi.codefab.com (pi.codefab.com [199.103.21.227]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2CB4D43D48 for ; Fri, 23 Sep 2005 16:34:22 +0000 (GMT) (envelope-from cswiger@mac.com) Received: from localhost (localhost [127.0.0.1]) by pi.codefab.com (Postfix) with ESMTP id 8BB2B5E13; Fri, 23 Sep 2005 12:34:21 -0400 (EDT) Received: from pi.codefab.com ([127.0.0.1]) by localhost (pi.codefab.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 44334-07; Fri, 23 Sep 2005 12:34:20 -0400 (EDT) Received: from [192.168.1.3] (pool-68-161-68-11.ny325.east.verizon.net [68.161.68.11]) by pi.codefab.com (Postfix) with ESMTP id 8109C5E8F; Fri, 23 Sep 2005 12:34:20 -0400 (EDT) Message-ID: <43342E8E.6060004@mac.com> Date: Fri, 23 Sep 2005 12:34:22 -0400 From: Chuck Swiger Organization: The Courts of Chaos User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.11) Gecko/20050728 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Hugo Osorio References: <680ac84705082407576dd2f6b4@mail.gmail.com> <20050825084039.GH659@obiwan.tataz.chchile.org> <680ac84705082507486347b67@mail.gmail.com> <680ac847050922171856ed2904@mail.gmail.com> <43334E81.9080707@mac.com> <680ac84705092309007d69b088@mail.gmail.com> In-Reply-To: <680ac84705092309007d69b088@mail.gmail.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: amavisd-new at codefab.com Cc: freebsd-ipfw@freebsd.org Subject: Re: mime contents thru ipfw X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Sep 2005 16:34:22 -0000 Hugo Osorio wrote: > gracias, > > our (172.24.33.0 ) LAN goes to internet through two > proxies, the new proxy which is the one i am trying to set up, is in another > network we have set routes to that LAN, (172.25.1.0 ) OK. > -is it inappropriate to put these address here? i hope not :s No. I was confused by the "" strings, which someone said may be something to do with gmail.com. > in order to be protected, we have set a firewall in this way: > > LAN(172.24.33.0 ) --> SWITCH --> fw --> Router( > 172.25.19.X) --> proxy(172.25.1.5 ) OK. You should start by testing access through the proxy server when logged onto your firewall box. If that doesn't work, debug your router or your network routes. > i have the other conf (using another proxy, another network) without the > string 'http://' and it works, and transfer everything. > and besides, using the new proxy, without the 'http://' string, it shows > bytes activity in 'ipfw show', i mean i can enter sites. > > For using "open firewall ruleset" do you have any basic document? > > another hint or help, will be appreciated, thank you. Look at /etc/rc.firewall and the "open" ruleset there. See: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls.html http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-ipfw.html ...which i!=uailable translated to other languages, also. -- -Chuck