From owner-freebsd-isp Tue Aug 29 2:50:53 2000 Delivered-To: freebsd-isp@freebsd.org Received: from web1401.mail.yahoo.com (web1401.mail.yahoo.com [128.11.23.165]) by hub.freebsd.org (Postfix) with SMTP id E103B37B43E for ; Tue, 29 Aug 2000 02:50:47 -0700 (PDT) Received: (qmail 7841 invoked by uid 60001); 29 Aug 2000 09:58:06 -0000 Message-ID: <20000829095806.7840.qmail@web1401.mail.yahoo.com> Received: from [159.148.130.2] by web1401.mail.yahoo.com; Tue, 29 Aug 2000 02:58:06 PDT Date: Tue, 29 Aug 2000 02:58:06 -0700 (PDT) From: John Braun Subject: ipfw rulles for proxy To: freebsd-isp@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello! I have 4.0 BSD gateway (with firewall) |123.123.123.123/255.255.255.240 _|___________________ | | |BSD router& firewall | |_____________________| | | 192.168.2.0/255.255.255.0 _|__________ | | |BSD proxy | |____________| _____|_________ 10.1.60.0/255.255.255.0 | | _|________ ___|____ |Windows | |Windows| |client1 | | client2| |_________| |_______| But I have no correct ipfw rulles for proxy. When I use following ipfw commands: /sbin/ipfw -f flush /sbin/ipfw add divert natd all from any to any via ed0 /sbin/ipfw add pass all from any to any Proxu rulles very well. (Proxy port 80) But when I set up my "SIMPLE" type firewall, then from proxy I can't telnet to www via 80 port. Where is a problem? Also natd sends to me a lot of messages like that: Aug 27 16:00:59 jumis natd[112]: failed to write packet back (Permission denied) Aug 27 16:02:02 jumis natd[112]: failed to write packet back (Permission denied) Aug 27 16:04:11 jumis last message repeated 2 times Aug 27 16:13:56 jumis last message repeated 9 times __________________________________________________ Do You Yahoo!? Yahoo! Mail - Free email you can access from anywhere! http://mail.yahoo.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message