Date: Tue, 30 Nov 2004 17:00:20 +0100 From: Kees Plonsz <kees@jeremino.homeunix.net> To: freebsd-questions@freebsd.org Subject: Re: Is this a hole in my firewall? Message-ID: <200411301700.20267.kees@jeremino.homeunix.net> In-Reply-To: <20041130143721.GA29674@dogma.freebsd-uk.eu.org> References: <20041127215612.GA86416@dogma.freebsd-uk.eu.org> <20041129151407.GA74785@ei.bzerk.org> <20041130143721.GA29674@dogma.freebsd-uk.eu.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tuesday 30 November 2004 15:37, Jonathon McKitrick wrote:
> On Mon, Nov 29, 2004 at 04:14:07PM +0100, Ruben de Groot wrote:
> : > : allow ip from ${INTERNAL_NET} to any keep-state out xmit tun0
> : > :
> : > : where INTERNAL_NET would be e.g. 192.168.0.0/24
>
> I was checking out the man page, and I'm a little unclear on whether I want
> 'xmit' or 'via' in this rule. Does it make much of a practical difference?
If you want to check your firewall with a scan from "nmap", go to:
http://jeremino.homeunix.net/portscan.php
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200411301700.20267.kees>