Date: Wed, 12 May 1999 16:34:12 -0400
From: "MPN" <neubyneu@twcny.rr.com>
To: <freebsd-questions@freeBSD.ORG>
Subject: ipfw/natd question...
Message-ID: <000501be9cb6$cc2350c0$04c809c0@kramer.cmsnet.net>

Hello. I'm currently running FBSD-2.2.6-Release. I have set up my FreeBSD box running nat to do the translation to the internet for my home network. The FreeBSD server box has two ethernet cards: ed0 connected to my internal network and ed1 connected to my cable modem. NATD is currently working properly.

What I'd like to do, though, is allow only certain port connections. For example, I would like to allow telnet, ftp, and http. If I take out the line allow all from any to any, nothing works. NAT doesn't do the translation for some reason. Here are my current rules:

maddog# ipfw list
00031 deny log udp from any to any 31337
00032 deny log tcp from any to any 31337
00100 divert 6668 ip from any to any via ed1
00101 allow udp from any to any 21
00102 allow tcp from any to any 21
00202 allow tcp from any to any 23
00302 allow udp from any to any 23
00402 allow tcp from any to any 80
00502 allow udp from any to any 80
00602 allow tcp from any to any 53
00702 allow udp from any to any 53
65535 deny ip from any to any

This *should* block everything except ftp, http, telnet, and DNS queries. It isn't working though. What is wrong? Any help is greatly appreciated.

Thanks in advance.

--
MPN - President, Computer Management Systems
--

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
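
A simplified first-match model of the ruleset posted above, added here as an illustration; it is not part of the original message and not ipfw itself. It traces three constructed packets from one HTTP fetch by a LAN client. Assumptions: rules match only on protocol, destination port and interface, a divert rule hands the packet to natd and matching resumes at the next rule, natd's rewriting is not modelled, and the client port 1025 is made up.

```python
# Added example: simplified model of ipfw first-match evaluation.
# Rules as posted: (number, action, proto, destination port or None, interface or None).
RULES = [
    (31, "deny", "udp", 31337, None),
    (32, "deny", "tcp", 31337, None),
    (100, "divert", "ip", None, "ed1"),
    (101, "allow", "udp", 21, None),
    (102, "allow", "tcp", 21, None),
    (202, "allow", "tcp", 23, None),
    (302, "allow", "udp", 23, None),
    (402, "allow", "tcp", 80, None),
    (502, "allow", "udp", 80, None),
    (602, "allow", "tcp", 53, None),
    (702, "allow", "udp", 53, None),
    (65535, "deny", "ip", None, None),
]


def first_match(proto, dst_port, iface):
    """Return (rule number, action) of the first terminal rule the packet hits."""
    for num, action, rproto, rport, riface in RULES:
        if rproto not in ("ip", proto):
            continue
        if rport is not None and rport != dst_port:
            continue  # "from any to any PORT" tests the destination port only
        if riface is not None and riface != iface:
            continue
        if action == "divert":
            continue  # assumption: natd reinjects, matching resumes at next rule
        return num, action
    raise AssertionError("unreachable: rule 65535 matches everything")


# Constructed packets: (label, protocol, destination port, interface).
SAMPLE = [
    ("request in from LAN", "tcp", 80, "ed0"),
    ("request out to modem", "tcp", 80, "ed1"),
    ("reply in from modem", "tcp", 1025, "ed1"),
]


def trace():
    """Map each constructed packet to the rule that decides its fate."""
    return {label: first_match(p, dport, ifc) for label, p, dport, ifc in SAMPLE}


if __name__ == "__main__":
    for label, verdict in trace().items():
        print(f"{label:22} -> rule {verdict[0]:05d} {verdict[1]}")
```

The reply carries port 80 as its source and the client's port as its destination, so none of the "to any 80" rules match it and it falls through to rule 65535.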