Date: Thu, 16 May 2002 19:50:36 -0700 (PDT) From: Patrick Thomas <root@utility.clubscholarship.com> To: Paul Everlund <tdv94ped@cs.umu.se> Cc: <freebsd-questions@FreeBSD.ORG> Subject: Re: quick ipfw ruleset advice needed... Message-ID: <20020516194946.W79837-100000@utility.clubscholarship.com> In-Reply-To: <3CE42E6F.A4436739@cs.umu.se>
next in thread | previous in thread | raw e-mail | index | archive | help
> It seems you only allow packets into your computer, but not out. > Try to use something like: > > - Allow you to setup connections. > allow tcp from [your IP] to any out via ed0 setup > > - Allow established connections back in. > allow tcp from any to [your IP] in via ed0 established > > (Exchange ed0 to your own network device.) > > Put those lines before the deny all line. Exactly. That is what I am asking. How do I do that ? > > How do you by the way manage DNS lookups with that ruleset of yours, > or it was only an example? yes, just example. > > Also you should take a closer look at stateful rules! They seem to be > quite neat. > > Good luck! > > Best regards, > Paul > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020516194946.W79837-100000>