From owner-freebsd-net Tue Oct 24 14: 7:20 2000
Delivered-To: freebsd-net@freebsd.org
Received: from virtual.sysadmin-inc.com (lists.sysadmin-inc.com [209.16.228.140]) by hub.freebsd.org (Postfix) with ESMTP id 6A24237B479; Tue, 24 Oct 2000 14:07:16 -0700 (PDT)
Received: from 98wkst ([10.10.1.71]) by virtual.sysadmin-inc.com (8.9.1/8.9.1) with SMTP id RAA06331; Tue, 24 Oct 2000 17:07:48 -0400
Reply-To:
From: "Peter Brezny"
To:
Subject: request for example rc.firewall script
Date: Tue, 24 Oct 2000 17:07:24 -0400
Message-ID: <003401c03dfe$68b42d80$47010a0a@fire.sysadmininc.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook CWS, Build 9.0.2416 (9.0.2910.0)
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
Importance: Normal
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

I'm working on adding the rules needed to rc.firewall under the 'simple' sections to allow the script to function as a firewall/NAT router for a small network with private IPs in the 10.x.x.x range.

The firewall works if I use a simplified script, but the standard rc.firewall that comes with 4.1 doesn't appear to allow NAT to work without modifying the rc.firewall script more than just putting in your network info.

I think I need some allow rules before the

# Stop RFC1918 nets on the outside interface

section of the script.

If anyone would be willing to share a portion of their rc.firewall script I'd really appreciate it.

Peter Brezny
SysAdmin Services, Inc.