Date: Wed, 27 Aug 1997 21:48:05 -0700 (PDT) From: Tim Baur <tbaur@esgroup.net> To: "Daniel O'Callaghan" <danny@panda.hilink.com.au> Cc: freebsd-hackers@freebsd.org Subject: Re: ipfw configuration. Message-ID: <Pine.BSI.3.96.970827214227.22270A-100000@oblivion.esgroup.net> In-Reply-To: <Pine.BSF.3.91.970828140920.243E-100000@panda.hilink.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 28 Aug 1997, Daniel O'Callaghan wrote: > You only seem to be allowing traffic to and from fw-kam, and not through > it. Maybe that's what you intended. ed1 and ed0 should work the same, > just make sure you get the irq right - not conflicting with another device. Well not exactally, and this is where I believe I may have made a mistake. I want to allow traffic thro fw-kam. Incoming packets via ed1, which would be passwd thro the filter, then either denyed or allowed. If allowed be forwarded out ed0, to the second hub and then hit the machine it was intending to hit. So therefor, I have misconfigured the rc.firewall. But I am at a loss, as I dont know how it should be changed. Also, being that I still want to use real IP addys for ed0 and the machines behind it.. Im unsure as how to setup ed0, would it be: ed1 207.194.190.5 (which is fw-kam.esgroup) and have ed0 with the IP of 207.194.190.6 or something? :shrug: > The ruleset looks OK to me, but you might want to also add the rule: > 65000 deny log all from any to any Nod, will do. Tim Baur ESI Communications
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSI.3.96.970827214227.22270A-100000>