Date: Sun, 7 Nov 2004 20:39:24 +0100 From: Emil Khatib <fenomenoxp2@gmail.com> To: freebsd-questions@freebsd.org Subject: Re: ipfw allowing browser only Message-ID: <dd99923204110711394130a86a@mail.gmail.com> In-Reply-To: <20041107185705.GA6526@skytrackercanada.com> References: <20041107185705.GA6526@skytrackercanada.com>
next in thread | previous in thread | raw e-mail | index | archive | help
You must enable also DNS queries. DNS port is 53 (i think) On Sun, 7 Nov 2004 13:57:05 -0500, David Banning <david+dated+1100285826.d4e990@skytrackercanada.com> wrote: > I am trying to filter out all traffic except browser traffic. > So I tried > > 01000 allow tcp from any to 192.168.1.6 80 > 01100 allow udp from any to 192.168.1.6 80 > 01200 deny ip from any to 192.168.1.6 > 65535 allow ip from any to any > > But this does not allow browser traffic. > > I have my browser traffic redirected via ipnat - ipnat rules are; > > rdr dc0 127.0.0.1/0 port 80 -> 192.168.1.1 port 8180 tcp > > I don't know what comes first, the redirect or the firewall, so maybe > I should be allowing traffic to 8180? > > My host is 192.168.1.1 and the win browser is at 192.168.1.6 > > Any help here would be appreciated. > > -- > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?dd99923204110711394130a86a>