From: "Andy Rozman (Aleksander)"
Reply-To: andy@triera.net
To: freebsd-net@freebsd.org
Date: Sat, 22 Oct 2005 21:07:55 +0200
Subject: Problem with firewall
List-Id: Networking and TCP/IP with FreeBSD

Hi!

I am sorry to post this message here, but I think that there are a lot of gurus here who could help me without a problem. Till now I was running ipfw with a rule that allows all packets (from kernel) to pass through.
In the last few weeks I started having problems, since I got quite a lot of packets that the server accepted by default. So I removed this kernel directive, but now I have a problem: I don't know how to set the rules. I have two NICs on my FreeBSD box, one for the outside internet and one for the internal network, so I am using this machine as a router, and as a web server,...

The problem is that I don't know how to set the rules so that ipfw will allow all directives from the inside network to go out, and receive replies. Please send me a working config. I tried several configs I found on the net, but none of them seem to work... It would probably also be nice to put one working natd + ipfw configuration somewhere in the handbook.

Please help.

Andy

P.S: I applied for membership to the list, but I don't know how fast this will be processed, so please cc to my email.
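
The setup the message describes (default-deny ipfw, two NICs, natd, a local web server), sketched as an added example that is not part of the original post or of any reply to it. The interface names `fxp0` (outside) and `fxp1` (inside), the rule numbers, and the `gateway_rules` function name are assumptions; the script only prints the commands unless `IPFW` is pointed at the real binary.

```shell
#!/bin/sh
# Added example, not from the original post.
# Assumptions: fxp0 = outside NIC, fxp1 = inside NIC, natd running on the
# outside interface (divert port "natd"), kernel built with IPFIREWALL and
# IPDIVERT, and packet forwarding enabled (gateway_enable="YES" in rc.conf).
OIF="${OIF:-fxp0}"
IIF="${IIF:-fxp1}"
# Dry run by default: the commands are printed, not executed.
# To load the rules for real: IPFW="/sbin/ipfw -q" sh this_script
IPFW="${IPFW:-echo ipfw}"

gateway_rules() {
    $IPFW -f flush
    # Trust loopback and the inside network.
    $IPFW add 10 allow ip from any to any via lo0
    $IPFW add 20 allow ip from any to any via "$IIF"
    # Inbound on the outside NIC: undo NAT first, so the state lookup
    # below sees the inside host's real address.
    $IPFW add 100 divert natd ip from any to any in via "$OIF"
    $IPFW add 110 check-state
    # New outbound flows: record state, then jump to the outbound NAT rule.
    $IPFW add 200 skipto 800 tcp from any to any out via "$OIF" setup keep-state
    $IPFW add 210 skipto 800 udp from any to any out via "$OIF" keep-state
    $IPFW add 220 skipto 800 icmp from any to any out via "$OIF" keep-state
    # The box is also a web server: admit new connections to port 80 only.
    $IPFW add 300 allow tcp from any to me 80 in via "$OIF" setup keep-state
    # Anything that reaches this point is unsolicited: log and drop it.
    $IPFW add 700 deny log ip from any to any
    # Outbound NAT, reached only through skipto from a stateful match.
    $IPFW add 800 divert natd ip from any to any out via "$OIF"
    $IPFW add 810 allow ip from any to any
}

gateway_rules
```

The state entry is created before the outbound divert and checked after the inbound divert, so both directions of a flow are matched on the inside address; replies therefore hit `check-state` and never fall through to the deny rule.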