Date: Mon, 11 Jun 2001 12:24:37 -0400 (EDT)
From: Jim Freeze <jim@freeze.org>
To: <questions@freebsd.org>
Subject: Need help with meaning of divert
Message-ID: <Pine.BSF.4.32.0106111212231.22484-100000@www.stelesys.com>

Hi:

I have a firewall using natd. When I list the rules, I get
a rule 0100 divert:

    # ipfw list
    [...snipped]
    00050 allow tcp from any to 24.9.218.175 80 setup
    00100 divert 8668 ip from any to any via vx0
    00150 allow ip from any to any via lo0
    [...snipped]

In /etc/rc.firewall I have the rules 0050 and 00150, but
0100 is added by default (i.e., it is not in /etc/rc.firewall).

Can someone explain to me what this rule does?

Also, I copied my original rule set from mostgraveconcern
but found that some of the rules did not work because
they came after rule 100. So, for example, I had to put

    allow tcp from any to 24.9.218.175 80 setup

at 0050 for my webserver to work. I had to do the same with
ssh, cvs and mail.

This raises three issues:

1) It gets kind of crowded below 100
2) How does one move divert to a higher number?
3) What rules need to be before divert?

Any insight is greatly appreciated.

=========================================================
Jim Freeze
jim@freeze.org
---------------------------------------------------------
No comment at this time.
http://www.freeze.org
=========================================================

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message