Date: Tue, 17 Apr 2001 12:45:19 +1000 From: Tony Landells <ahl@austclear.com.au> To: michael@tenzo.com Cc: freebsd-questions@FreeBSD.ORG Subject: Re: ipfw vs. domestic tranquility... Message-ID: <200104170245.MAA04404@tungsten.austclear.com.au> In-Reply-To: Message from "Michael O'Henly" <michael@tenzo.com> of "Mon, 16 Apr 2001 19:08:10 MST." <01041619081002.21220@h24-69-46-74.gv.shawcable.net>
next in thread | previous in thread | raw e-mail | index | archive | help
I assume you've configured NAT as well, and that you've checked that the NAT rule shows up in a listing (ipfw list), and that the natd arguments match your requirements? If not, you'll be squishing your internal traffic with the rules immediately after the natd stuff, which should be obvious if you look at the rule counters (ipfw show)... Personally, I prefer to log almost everything I deny so I can see where traffic is being stopped, particularly when I'm first setting things up. Once things are working to my satisfaction I selectively disable some logging (but not much--I have a lot of disk space and know how to use grep). Tony -- Tony Landells <ahl@austclear.com.au> Senior Network Engineer Ph: +61 3 9677 9319 Australian Clearing Services Pty Ltd Fax: +61 3 9677 9355 Level 4, Rialto North Tower 525 Collins Street Melbourne VIC 3000 Australia To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200104170245.MAA04404>