From owner-freebsd-questions Wed Dec 4 00:12:28 1996 Return-Path: owner-questions Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id AAA17121 for questions-outgoing; Wed, 4 Dec 1996 00:12:28 -0800 (PST) Received: from gatekeeper.barcode.co.il (gatekeeper.barcode.co.il [192.116.93.17]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id AAA17108 for ; Wed, 4 Dec 1996 00:12:22 -0800 (PST) Received: (from smap@localhost) by gatekeeper.barcode.co.il (8.7.5/8.6.12) id KAA06326; Wed, 4 Dec 1996 10:12:20 +0200 (IST) X-Authentication-Warning: gatekeeper.barcode.co.il: smap set sender to using -f Received: from localhost.barcode.co.il(127.0.0.1) by gatekeeper.barcode.co.il via smap (V1.3) id sma006324; Wed Dec 4 10:12:15 1996 Message-ID: <32A53208.24A8@barcode.co.il> Date: Wed, 04 Dec 1996 10:10:48 +0200 From: Nadav Eiron X-Mailer: Mozilla 2.02 (X11; I; SunOS 5.5 sun4m) MIME-Version: 1.0 To: HCI CC: questions@freebsd.org Subject: Re: firewall References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-questions@freebsd.org X-Loop: FreeBSD.org Precedence: bulk HCI wrote: > > Can ipfw be used to hide my intranet with my generic intranet numbers? > > I need to have my intranet all use one real ip address,like socks. > > Brian ipfw can be used to *filter* unwanted traffic. If you have unofficial IP addresses on your LAN you should filter out everything (which is best done by turning off routing). If you want socks, you can use it. Another option might be to use application level proxies (such as those in the fwtk), or th NAT feturte of the IPfilter package. ipfw *will not* enable you to have Internet access from machines with unofficial addresses. You must have some type of proxy/NAT for that. Nadav