Date: Mon, 28 Jun 2004 02:48:04 -0400 (EDT)
From: Incoming Mail List
Message-Id: <200406280648.i5S6m4Tf065892@whoweb.com>
To: freebsd-questions@freebsd.org
Subject: ipfw help needed

I'm having a problem with the logic of ipfw-2 on 5.2.1. I have a 4-port NIC (de0, de1, de2, de3) and separate networks on each port. All routing is working fine, and I am trying to work with dynamic rules but not getting the results I'm expecting. For simplicity, I am only working with two of the ports to keep the ruleset reasonable.

de1 - 192.168.1.0 network
de3 - 192.168.3.0 network

I have the following ruleset:

01600 skipto 4000 ip from any to any via de1
01800 skipto 8000 ip from any to any via de3
04000 deny ip from any to 192.168.1.1 dst-port 80
04100 allow ip from any to any in via de1
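
Added example, not part of the original post: a small first-match evaluator for the four rules visible above, tracing how "skipto" and "via" steer a packet on each pass through the firewall. The names evaluate() and pkt() and the sample packets are constructed for illustration. It assumes standard ipfw behaviour: "via" matches the interface in either direction, and a forwarded packet is checked once on input and once on output.

```python
from ipaddress import ip_address

# The four rules visible in the post, in ascending rule-number order.
# Each entry: (number, action, skipto target or None, match predicate).
RULES = [
    (1600, "skipto", 4000, lambda p: p["iface"] == "de1"),
    (1800, "skipto", 8000, lambda p: p["iface"] == "de3"),
    (4000, "deny", None,
     lambda p: p["dst"] == ip_address("192.168.1.1") and p["dport"] == 80),
    (4100, "allow", None, lambda p: p["iface"] == "de1" and p["dir"] == "in"),
]


def pkt(iface, direction, dst, dport):
    """Build a constructed sample packet for one pass through the firewall."""
    return {"iface": iface, "dir": direction,
            "dst": ip_address(dst), "dport": dport}


def evaluate(packet, rules=RULES):
    """Return (rule number, action) of the first allow/deny rule that matches.

    None means no visible rule decided the packet: the verdict comes from
    rules that are not shown in the post (for example those at 8000).
    """
    resume_at = 0  # skipto moves this forward; lower-numbered rules are skipped
    for number, action, target, matches in rules:
        if number < resume_at or not matches(packet):
            continue
        if action == "skipto":
            resume_at = target
            continue
        return number, action
    return None


if __name__ == "__main__":
    # A host on 192.168.3.0 talking to a host on 192.168.1.0 is checked twice:
    # inbound on de3, then outbound on de1.
    for p in (pkt("de3", "in", "192.168.1.20", 80),
              pkt("de1", "out", "192.168.1.20", 80),
              pkt("de1", "in", "192.168.3.5", 22),
              pkt("de1", "in", "192.168.1.1", 80)):
        print(p["iface"], p["dir"], p["dst"], p["dport"], "->", evaluate(p))
```

The outbound pass on de1 is the case to watch: rule 1600 sends it to 4000 because "via de1" also matches outgoing traffic, but rule 4100 only accepts "in via de1", so the packet's fate depends on whatever rule follows.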