From owner-freebsd-questions@FreeBSD.ORG  Sat Apr  9 20:45:42 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 858B916A50E
	for <freebsd-questions@freebsd.org>;
	Sat,  9 Apr 2005 20:45:42 +0000 (GMT)
Received: from nagual.st (cc20684-a.assen1.dr.home.nl [82.74.2.254])
	by mx1.FreeBSD.org (Postfix) with ESMTP id A947043D41
	for <freebsd-questions@freebsd.org>;
	Sat,  9 Apr 2005 20:45:41 +0000 (GMT)	(envelope-from dick@nagual.st)
Received: from pooh.nagual.st (pooh.nagual.st [192.168.11.22])
  by nagual.st with esmtp; Sat, 09 Apr 2005 22:45:40 +0200
Date: Sat, 9 Apr 2005 22:45:41 +0200
From: dick hoogendijk <dick@nagual.st>
To: freebsd-questions@freebsd.org
Message-Id: <20050409224541.3be660f6.dick@nagual.st>
In-Reply-To: <MIEPLLIBMLEEABPDBIEGAENKHDAA.bob@a1poweruser.com>
References: <20050408212553.GA24559@lothlorien.nagual.st>
	<MIEPLLIBMLEEABPDBIEGAENKHDAA.bob@a1poweruser.com>
Organization: nagual SiTe
X-Mailer: Sylpheed version 1.0.4 (GTK+ 1.2.10; i386-portbld-freebsd4.11)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Subject: Re: IPF Firewall Rules... help!
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: dick@nagual.st
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 09 Apr 2005 20:45:42 -0000

On Sat, 9 Apr 2005 11:43:23 -0400
bob@a1poweruser.com wrote:

> Dick
> Since you say you have limewire working on your LAN behind firewall
> why don't you post your rules so we can see how you did it.

# Limewire
pass out quick on rl0 proto tcp from any to any port = 6346 flags S keep
state
pass out quick on rl0 proto udp from any to any port = 6346 keep state

That's really all there is to it. No funny things. Just installed
limewire on all machines using the defaults.

My ipnat.rules is also quit simple:

#
### ipnat.rules
#

# FTP traffic for the internal LAN
map rl0 192.168.11.0/24 -> 0/32 proxy port 21 ftp/tcp

# FTP traffic from the gateway
map rl0 0.0.0.0/0 -> 0/32 proxy port 21 ftp/tcp

# non-FTP traffic for the internal LAN
map rl0 192.168.11.0/24 -> 0/32 portmap tcp/udp auto
map rl0 192.168.11.0/24 -> 0/32

That's all. And as said: limewire works like a charm.

-- 
dick -- http://nagual.st/ -- PGP/GnuPG key: F86289CE
++ Running FreeBSD 4.11 ++ FreeBSD 5.3
+ Nai tiruvantel ar vayuvantel i Valar tielyanna nu vilja