From owner-freebsd-questions Fri Jul 30 9:27:21 1999
Message-ID: <37A1D24D.1E6B862C@alcatel.fr>
Date: Fri, 30 Jul 1999 18:26:53 +0200
From: Thierry Herbelot
Reply-To: thierry.herbelot@alcatel.fr
Organization: ALCATEL CIT Nanterre
To: Victor
Cc: questions@FreeBSD.ORG
Subject: Re: ipfw
References: <001601bedab6$58a58c60$230000c8@vit.orgus.ru>

Hello,

you should have a look at the filter rules integrated in the userland ppp

TfH

from the man page :

Supports packet filtering. User can define four kinds of filters: the
in filter for incoming packets, the out filter for outgoing packets, the
dial filter to define a dialing trigger packet and the alive filter for
keeping a connection alive with the trigger packet.

Victor wrote:
>
> Dear Sirs.
>
> I apologize to bother you but I have to.
> The problem is I can't configure ipfw on my FreeBSD 2.2.8.
> My firewall has two interfaces:
> - ed0 (ip addr 10.0.0.1) connected to the inside net
>   10.0.0.0:255.255.0.0
> - ppp0 (ip addr 200.0.0.1) connected to the Internet.
> Additionally there are squid, popper and sendmail running on the firewall
> host.
>
> The tasks are:
> 1. Inside users should get access to the sendmail and popper 10.0.0.1 25
>    and 110 for inside mailing.
> 2. Inside users should get access to the Internet using proxy server
>    10.0.0.1 port 3128.
> 3. Inside users should get access to the outside mail server 200.0.0.12
>    ports 25 and 110.
> 4. Inside users should get access to the outside web and ftp 200.0.0.13
>    ports 80 and 21.
> 5. Only one host 200.0.0.10 can get telnet access from outside to my
>    firewall 200.0.0.1 port 23.
> 6. All other things are prohibited.
>
> During a week I've tried all possible combinations but there is no result.
> Would you help me.
>
> Victor.
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
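
An added example, not part of either message above: one way to write the six tasks from Victor's message as an ipfw ruleset, using the addresses and interface names he gives. The dry-run `fwcmd` default, the rule numbers, the anti-spoofing rule and the rule for the firewall's own outbound connections are assumptions; with userland ppp the outside interface would be a tun device rather than ppp0.

```shell
#!/bin/sh
# Added example: ipfw rules for the six tasks listed in Victor's message.
# Assumption: fwcmd defaults to a dry run that only prints each command;
# run with FWCMD=/sbin/ipfw to load the rules for real.
fwcmd="${FWCMD:-echo ipfw}"

# Values taken from the message.
iif="ed0";  inet="10.0.0.0:255.255.0.0"; iip="10.0.0.1"
oif="ppp0"; oip="200.0.0.1"      # userland ppp would use a tun interface
mail="200.0.0.12"; web="200.0.0.13"; admin="200.0.0.10"

emit_rules() {
    $fwcmd -f flush
    $fwcmd add 100 allow ip from any to any via lo0
    # Assumption (not a listed task): drop packets that claim an inside
    # source address but arrive on the outside interface.
    $fwcmd add 200 deny ip from $inet to any in via $oif
    # Packets of TCP connections that an earlier "setup" rule let through.
    $fwcmd add 300 allow tcp from any to any established
    # Tasks 1 and 2: inside users to sendmail, popper and squid on the firewall.
    $fwcmd add 400 allow tcp from $inet to $iip 25,110,3128 in via $iif setup
    # Task 3: inside users to the outside mail server.
    $fwcmd add 500 allow tcp from $inet to $mail 25,110 setup
    # Task 4: inside users to the outside web/ftp server (port 21 is the
    # ftp control connection only, as listed in the task).
    $fwcmd add 600 allow tcp from $inet to $web 80,21 setup
    # Task 5: telnet to the firewall from the single permitted outside host.
    $fwcmd add 700 allow tcp from $admin to $oip 23 in via $oif setup
    # Assumption: squid and sendmail on the firewall open their own
    # outbound connections, which task 2 depends on.
    $fwcmd add 800 allow tcp from $oip to any out via $oif setup
    # Task 6: everything else is prohibited.
    $fwcmd add 65000 deny ip from any to any
}

emit_rules
```

ipfw stops at the first matching rule, so the `established` rule sits ahead of the per-service `setup` rules and the final deny only sees traffic nothing above it accepted. Name resolution (UDP) is not among the six tasks and is not allowed by these rules.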