Date: Tue, 21 Nov 2000 12:39:21 -0600 From: Jeff <jeff@kreska.org> To: vcardon@siue.edu Cc: freebsd-questions@FreeBSD.ORG Subject: Re: help with ipfw Message-ID: <3A1AC159.90903@kreska.org> References: <200011211802.MAA24021@cougar.isg.siue.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Did you update your rfc rules to include the in/out keywords for your
internal network?
# Stop RFC1918 nets on the outside interface
${fwcmd} add deny log all from 10.0.0.0/8 to any via ${oif}
${fwcmd} add deny log all from any to 10.0.0.0/8 out via ${oif}
-------------------------------------------------------^
${fwcmd} add deny log all from 172.16.0.0/12 to any via ${oif}
${fwcmd} add deny log all from any to 172.16.0.0/12 via ${oif}
${fwcmd} add deny log all from 192.168.0.0/16 to any via ${oif}
${fwcmd} add deny log all from any to 192.168.0.0/16 out via
------------------------------------------------------------^
vcardon@siue.edu wrote:
> Hi everyone,
>
> I am trying to setup a FreeBSD gateway that will have a firewall running as
> well. The outside interface is connected to a cable modem, and the inside
> interface goes to my internal LAN. I have followed the how-to at
> http://www.mostgraveconcern.com/freebsd , and everything works fine, untill I
> switch my firewall from type open to simple.
>
> Basically, when I switch to \"simple\" I lose all network connectivity. I cannot
> even ping out from the gateway.
>
> Does anyone have any suggestions as to what I can do to correct this?
>
> Thanks,
> Victor
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3A1AC159.90903>