From owner-freebsd-security Tue Oct 24 14:11: 9 2000 Delivered-To: freebsd-security@freebsd.org Received: from pfa0frpk001.panasonicfa.com (unknown [38.248.119.1]) by hub.freebsd.org (Postfix) with ESMTP id BE5AC37B479 for ; Tue, 24 Oct 2000 14:11:06 -0700 (PDT) Received: by exchange.panasonicfa.com with Internet Mail Service (5.5.2650.21) id ; Tue, 24 Oct 2000 16:10:47 -0500 Message-ID: <054F7DAA9E54D311AD090008C74CE9BD01766CC7@exchange.panasonicfa.com> From: "Zaitsau, Andrei" To: "'peter@sysadmin-inc.com'" Cc: "'freebsd-security@freebsd.org'" Subject: RE: request for example rc.firewall script Date: Tue, 24 Oct 2000 16:10:46 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I have exactly the same problem with rc.firewall, it's blocking me from using NAT. Peter, if someone is going to send you rc.firewall script, can you also forward it to me? ;) Thanks. Andrei. -----Original Message----- From: Peter Brezny [mailto:peter@sysadmin-inc.com] Sent: Tuesday, October 24, 2000 4:07 PM To: freebsd-security@freebsd.org Subject: request for example rc.firewall script I'm working on adding the rules needed to rc.firewall under the 'simple' sections to allow the script to function as a firewall/nat router for a small network with private ip's in the 10.x.x.x range. The firewall works if i use a simplified script, but the standard rc.firewall that comes with 4.1 doesn't appear to allow nat to work without modifying the rc.firewall script more than just putting in your network info. i think i need some allow rules before the # Stop RFC1918 nets on the outside inteface section of the script. If anyone would be willing to share a portion of their rc.firewall script I'd really appreciate it. Peter Brezny SysAdmin Services, Inc. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message