Date: Thu, 28 Aug 1997 14:16:36 +1000 (EST) From: "Daniel O'Callaghan" <danny@panda.hilink.com.au> To: Tim Baur <tbaur@esgroup.net> Cc: freebsd-hackers@freebsd.org Subject: Re: ipfw configuration. Message-ID: <Pine.BSF.3.91.970828140920.243E-100000@panda.hilink.com.au> In-Reply-To: <Pine.BSI.3.96.970827201849.21649A-100000@oblivion.esgroup.net>
next in thread | previous in thread | raw e-mail | index | archive | help
You only seem to be allowing traffic to and from fw-kam, and not through it. Maybe that's what you intended. ed1 and ed0 should work the same, just make sure you get the irq right - not conflicting with another device. The ruleset looks OK to me, but you might want to also add the rule: 65000 deny log all from any to any That does the same thing as the final 65535 rule, but logs the packet so you can see more closely why it was not matched by an earlier rule. You'll see the log message on the console and in /var/log/messages. Danny /* Daniel O'Callaghan */ /* HiLink Internet <http://www.hilink.com.au/>; danny@hilink.com.au */ /* FreeBSD - works hard, plays hard... danny@freebsd.org */
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.970828140920.243E-100000>