Date: Sun, 27 Jun 1999 22:04:11 -0400 (EDT)
From: Ralph Strohschein <ralph@tinynet.hamilton.on.ca>
To: Michael Maxwell <drwho@xnet.com>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: firewalling problem.
Message-ID: <Pine.BSF.3.96.990627215958.35766C-100000@starlight.tinynet.hamilton.on.ca>
In-Reply-To: <19990626210402.B1580@atlas.topquark.org>

On Sat, 26 Jun 1999, Michael Maxwell wrote:

> I have attached my /etc/rc.firewall as it currently is... please have a look
> for more info:
>
> Problem:
> I cannot allow my local net machines to talk outside to the net and still
> have a useful firewall at the same time. The rule that allows the local
> hosts to talk outside completely defeats the purpose of having any OTHER
> rules in the first place (ipfw allow ip from any to any). I have tried
> restricting the first "any" to <mynet>:<mymask>, but this also does not
> work.
>
> Any help I can get on this would be VERY much appreciated. Reading the
> docs doesn't help much at all, and all the examples I've looked at on the
> net are of little help on this one, too... It took me two weeks just to
> get this far...
>
> Thanks again...
>
>
> --
> Michael Maxwell <drwho @ xnet.com> | http://www.xnet.com/~drwho/
> -- NATO: Now that you've destroyed Serbia, who you gonna kill next? --
>

Your inside address is 192.168.16.1, which is an RFC1918 address. Look at
the RFC1918 section in your rc.firewall. You are blocking all traffic to and
from 192.168.X.X via ppp0.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
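
The diagnosis in the reply can be checked mechanically. The Python below is an added example, not part of the original messages and not the poster's rc.firewall: it models ipfw's first-match evaluation over a constructed ruleset and lists the outside-interface deny rules that cover the inside network. The rule numbers, the /24 mask on 192.168.16.0, the inside interface name `ed0` and the destination 203.0.113.10 are assumptions.

```python
import ipaddress

# Constructed ruleset (not the poster's file): an RFC1918 block on the outside
# interface, followed by the "allow my net out" rule described in the question.
RULES = """\
100 deny all from 192.168.0.0:255.255.0.0 to any via ppp0
200 deny all from any to 192.168.0.0:255.255.0.0 via ppp0
300 deny all from 172.16.0.0:255.240.0.0 to any via ppp0
400 deny all from 10.0.0.0:255.0.0.0 to any via ppp0
500 allow ip from 192.168.16.0:255.255.255.0 to any
65535 deny ip from any to any
"""

def parse_net(text):
    """Accept 'any', 'a.b.c.d', 'a.b.c.d/len' or ipfw's 'a.b.c.d:mask'."""
    if text == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    return ipaddress.ip_network(text.replace(":", "/"), strict=False)

def parse_rule(line):
    """Parse '<num> <action> <proto> from <src> to <dst> [via <if>]'."""
    f = line.split()
    if len(f) < 7 or f[3] != "from" or f[5] != "to":
        raise ValueError("unsupported rule: " + line)
    via = f[8] if len(f) == 9 and f[7] == "via" else None
    return {"num": int(f[0]), "action": f[1], "src": parse_net(f[4]),
            "dst": parse_net(f[6]), "via": via}

def first_match(rules, src, dst, iface):
    """ipfw stops at the first matching rule; return that rule (or None)."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        if s in r["src"] and d in r["dst"] and r["via"] in (None, iface):
            return r
    return None

def rfc1918_shadowing(rules, inside_net, oif):
    """Numbers of deny rules on interface oif whose src or dst covers inside_net."""
    net = parse_net(inside_net)
    return [r["num"] for r in rules if r["action"] == "deny" and r["via"] == oif
            and (r["src"].overlaps(net) and r["src"].prefixlen > 0
                 or r["dst"].overlaps(net) and r["dst"].prefixlen > 0)]

rules = [parse_rule(line) for line in RULES.splitlines()]
```

With this ruleset, a packet from 192.168.16.5 leaving via ppp0 stops at rule 100 and never reaches rule 500, which is why narrowing the allow rule to the local network changes nothing.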