Date: Fri, 21 Mar 2003 01:29:50 -0800 (PST)
From: "W. J. Williams"
Subject: Re: IPFW firewall rules not complete
To: freebsd-questions@freebsd.org
Cc: Henrik Hudson
In-Reply-To: <200303201441.21380.lists@rhavenn.net>

see picture below...

--- Henrik Hudson wrote:
>
> On Thursday 20 March 2003 14:20, W. J. Williams wrote:
> > ok, will try that...oddly enough though, mail comes in just fine, just
> > going out farts...should have put that in the initial email...still think
> > it's NAT related?
>
> Mail as in POP fetching or mail as in SMTP mail server running?

ANSWER: mail as in SMTP mail server (Sendmail).

I have drafted a little visual of what my network looks like...this sort of
grew out of what used to be just a wireless router connecting my laptops, but
now includes FreeBSD which almost makes its firewalling capabilities
redundant; so I know the build is not necessarily ideal. I would like to keep
it where it is for now, until I am brave enough to place behind a FreeBSD
firewall. I am just looking for a simple "starter" ruleset that allows ports
22, 25, 80, 10000, 53 to keep working.
I also would like to still be able to perform pings and traceroutes out of my
network, but not from the outside in.

--------------------
|DSL modem         |
|DHCP from provider|
--------------------
         ^
         |
       PPPoE
         |
         V
------------------
|wireless router |
|192.168.0.1/29  |
|serves laptops; |
|does NAT,       |
|port forwarding |
|as well for port|
|25, 80, 10000   |
------------------
         ^
         |
       100bT
         |
         v
---------------------
|switch 24P         |
|192.168.0.3/29     |
|(IP for snmp only) |
---------------------
         ^
         |
       100bT
         |
         v
--------------------------
|IPFW box                |
|fxp0 192.168.0.2/29     |
|                        |
|------------------------|
|fxp1 gateway for clients|
|192.168.1.1/24          |
--------------------------
         ^
         |
       100bT
         |
         v
--------------------------
|clients                 |
|192.168.1.2 through 8/24|
--------------------------

=====
Will Williams