From owner-freebsd-questions Mon Jul 24 23:18:39 2000 Delivered-To: freebsd-questions@freebsd.org Received: from mostgraveconcern.com (mostgraveconcern.com [216.82.145.240]) by hub.freebsd.org (Postfix) with ESMTP id 28F5F37BA50 for ; Mon, 24 Jul 2000 23:18:33 -0700 (PDT) (envelope-from dan@mostgraveconcern.com) Received: from danco (danco.mostgraveconcern.com [10.20.155.2]) by mostgraveconcern.com (8.9.3/8.9.3) with SMTP id XAA00556; Mon, 24 Jul 2000 23:18:29 -0700 (PDT) (envelope-from dan@mostgraveconcern.com) Message-ID: <001a01bff600$29d01980$029b140a@danco> Reply-To: "Dan O'Connor" From: "Dan O'Connor" To: , "Sam Carleton" Cc: "FreeBSD Questions" Subject: Re: allowing pings out from my firewall Date: Mon, 24 Jul 2000 23:18:34 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.3155.0 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3155.0 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG >See the "Setting-up a Dual-Homed Host..." at >http://www.mostgraveconcern.com/freebsd/. He has an example of >allowing ping and another for setting up traceroute. The traceroute >only permits 30 hop's. Over the past few days, I've been working on optimizing the rules shown on my cheat sheet. They should work a little more efficiently now... Rules are now included for allowing outgoing pings, but denying incoming pings; and the traceroute rule includes all 90 traceroute ports. BTW, the direct route to the Dual-Homed Host page is http://www.mostgraveconcern.com/freebsd/sheet.cgi?ipfw Let me know if you have any problems... --Dan -- Dan O'Connor On Matters of Most Grave Concern http://www.mostgraveconcern.com FreeBSD Cheat Sheets http://www.mostgraveconcern.com/freebsd/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message