From owner-freebsd-questions Fri Sep 1 13:11:35 2000 Delivered-To: freebsd-questions@freebsd.org Received: from 2711.dynacom.net (2711.dynacom.net [206.107.213.3]) by hub.freebsd.org (Postfix) with ESMTP id 9985C37B424 for ; Fri, 1 Sep 2000 13:11:32 -0700 (PDT) Received: from urx.com (dsl1-160.dynacom.net [206.159.132.160]) by 2711.dynacom.net (Build 101 8.9.3/NT-8.9.3) with ESMTP id NAA00192; Fri, 01 Sep 2000 13:11:30 -0700 Message-ID: <39B00D71.4464D89D@urx.com> Date: Fri, 01 Sep 2000 13:11:29 -0700 From: Kent Stewart Reply-To: kstewart@urx.com Organization: Dynacom X-Mailer: Mozilla 4.74 [en] (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 To: Tim Strobel Cc: freebsd-questions@FreeBSD.ORG Subject: Re: firewall stuff References: <20000901143427.A263@psiklone.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Tim Strobel wrote: > > I'm trying to setup a firewall with IPFW. I can get it to load and filter traffic with the 'simple' firewall. I'm having trouble getting anything past the firewall though. For example, I can ssh into the firewall, but can't ping an internal machine. I also would like to divert tcp 22 from the firewall to the internal machine. I have setup ssh for the firewall on a non-standard port. Any help is appreciated. > > Both systems are FreeBSD 4.1-R Look at the "Dual-Homed" setup on http://www.mostgraveconcern.com/freebsd/. I left the rc.firewall from stable in up to where you start adding services and then I used Dan's arrangment. What Ruslan's changes did was let you test for people using the non-routable IP's before you do the natd. I don't permit telnet (or ssh) or ftp from outside. So, I can comment on the rest. Kent > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message -- Kent Stewart Richland, WA mailto:kbstew99@hotmail.com http://kstewart.urx.com/kstewart/index.html FreeBSD News http://daily.daemonnews.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message