From: Blake Matheny <matheny@bussert.com>
To: freebsd-security@freebsd.org
Date: Mon, 27 Mar 2000 12:03:18 -0500 (EST)
Subject: Firewall Rules

I have a standard dual-homed firewall that has the following options
compiled into the kernel:

    options IPFIREWALL
    options IPFIREWALL_FORWARD
    options IPDIVERT

I added the following rules to my firewall rules list to disallow one
workstation from having access to the internet:

    ipfw add deny tcp from 192.168.2.1/24 to any setup
    ipfw add deny tcp from 192.168.2.1/24 to any

This machine is running nat and routed. Although these rules are loaded,
as shown by "ipfw list", this machine still has access to the internet.
Is this a flaw in my syntax, my implementation, or what?

Thanks.

Blake Matheny
Network Engineer
Bussert Consulting
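A way to check what a rule set like the one above would do to a given packet before loading it, as an added example that is not part of the original post: a small simulator of ipfw's first-match evaluation for a subset of the syntax (numbered rules, allow/deny, ip/tcp/udp, from/to, setup). The rule numbers and the leading allow rule are constructed for illustration.

```python
# Added example (not from the original post): minimal model of ipfw
# first-match evaluation, to reason about rule order and address masks.
import ipaddress
from dataclasses import dataclass


@dataclass
class Packet:
    proto: str          # "tcp", "udp" or "icmp"
    src: str
    dst: str
    syn: bool = False
    ack: bool = False


def parse_rule(line):
    """Parse 'NUM action proto from SRC to DST [setup]' (ipfw subset)."""
    tok = line.split()
    num, action, proto = int(tok[0]), tok[1], tok[2]
    assert tok[3] == "from" and tok[5] == "to", "unsupported rule form"
    return {"num": num, "action": action, "proto": proto,
            "src": tok[4], "dst": tok[6], "setup": "setup" in tok[7:]}


def addr_match(spec, addr):
    if spec == "any":
        return True
    # strict=False mirrors ipfw: 192.168.2.1/24 means the net 192.168.2.0/24,
    # so the rule covers every host on that subnet, not just .1
    return ipaddress.ip_address(addr) in ipaddress.ip_network(spec, strict=False)


def rule_matches(rule, pkt):
    if rule["proto"] not in ("ip", pkt.proto):
        return False
    # 'setup' only matches a TCP segment with SYN set and ACK clear
    if rule["setup"] and not (pkt.proto == "tcp" and pkt.syn and not pkt.ack):
        return False
    return addr_match(rule["src"], pkt.src) and addr_match(rule["dst"], pkt.dst)


def first_match(rules, pkt):
    """Return (rule number, action) of the lowest-numbered matching rule."""
    for r in sorted(rules, key=lambda r: r["num"]):
        if rule_matches(r, pkt):
            return r["num"], r["action"]
    return 65535, "deny"    # implicit default rule when nothing matches


# Constructed rule set: an allow rule numbered below the two deny rules
# from the post, as happens when 'ipfw add' appends them after an allow.
RULES = [parse_rule(l) for l in [
    "100 allow ip from any to any",
    "200 deny tcp from 192.168.2.1/24 to any setup",
    "300 deny tcp from 192.168.2.1/24 to any",
]]
```

Evaluating a SYN from 192.168.2.7 against RULES returns rule 100 (allow); against RULES[1:] (the deny rules alone) it returns rule 200 (deny), which shows that both the position of the deny rules and the /24 mask decide the outcome.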