From owner-freebsd-questions Fri Jun 16 17: 7: 6 2000 Delivered-To: freebsd-questions@freebsd.org Received: from wcug.wwu.edu (sloth.wcug.wwu.edu [140.160.164.200]) by hub.freebsd.org (Postfix) with SMTP id 6DA7537C210 for ; Fri, 16 Jun 2000 17:06:51 -0700 (PDT) (envelope-from doc@wcug.wwu.edu) Received: (qmail 21822 invoked by uid 1074); 17 Jun 2000 00:06:48 -0000 Date: Fri, 16 Jun 2000 17:06:48 -0700 (PDT) From: David Daugherty X-Sender: doc@sloth To: questions@freebsd.org Subject: ipfw to localhost? Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I've really munged up my firewall recently and I'm trying to figure out where I've screwed up (which file). This is on a box which is acting as router to the rest of my 192.168. network. I've managed to make my machine pingable to the outside world again by commenting out all of the firewall stuff in my rc.conf #firewall_enable="YES" #firewall_type="open" If I uncomment this and reboot I can't ping out nor is my box pingable from the outside. Unfortunately by commenting this out I no longer provide Internet access to the machines behind the router. I noticed in my /var/log/ipfw.today I have: 00200 2 78 deny ip from any to 127.0.0.0/8 I have nothing like this in my natd.conf nor my rc.firewall. Where else would I be able to find this line? Why would shutting down my firewall deny access to the Internet from my internal machines? Thanks. David Software Engineer - NetManage Work email: david.daugherty@netmanage.com Home email: doc@wcug.wwu.edu ICQ 21106703 Washington State Resident To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message