Date: Sun, 21 Jan 2001 14:02:43 -0800
From: "Crist J. Clark" <cjclark@reflexnet.net>
To: Jason Hunt <jhunt@blaz.homeip.net>
Cc: freebsd-ipfw@FreeBSD.ORG
Subject: Re: ipfw troubles..
Message-ID: <20010121140243.T10761@rfx-216-196-73-168.users.reflex>
In-Reply-To: <3A6B1C57.4FC7334B@blaz.niinet.net>; from jhunt@blaz.homeip.net on Sun, Jan 21, 2001 at 11:28:55AM -0600
References: <3A6B1C57.4FC7334B@blaz.niinet.net>

On Sun, Jan 21, 2001 at 11:28:55AM -0600, Jason Hunt wrote:
> hello,
>
> I am having a little trouble with my rules that I don't
> fully understand. I have the following in my ipfw rules
> but it's not working the way I would expect:
>
> # Allow ICQ Server Packets
> add allow tcp from any 5190 to any via xl0
>
> # Allow ICQ Client-to-Client communications
> add allow tcp from any 1024-65535 to any 1024-65535 in recv xl0
>
> my firewall has xl0 connected to cable modem, and xl1 is connected
> to local lan. Machines behind the firewall can not access icq
> though, or some other services. How can I basically allow
> everything that can get to the firewall through to my lan?

Go to Yahoo!. Search for 'icq firewall.' The first link is,

  http://www.icq.com/icqtour/firewall/

In there you will find,

  http://www.icq.com/icqtour/firewall/netadmin.html

Now, go look at the bottom of the page where they make the little
caveat about, ugh, "IP-Masquerading" (known as NAT to the civilized
world). That's you. That's why it does not all work. It is not an
open-closed firewall ports issue.
--
Crist J. Clark cjclark@alum.mit.edu

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message