From owner-freebsd-questions Tue Nov 21 11:32:55 2000 Delivered-To: freebsd-questions@freebsd.org Received: from mail.isg.siue.edu (mail.isg.siue.edu [146.163.5.4]) by hub.freebsd.org (Postfix) with ESMTP id 325BA37B4CF for ; Tue, 21 Nov 2000 11:32:46 -0800 (PST) Received: from cougar.isg.siue.edu (cougar [146.163.5.29]) by mail.isg.siue.edu (8.9.1/8.9.1) with ESMTP id NAA13398; Tue, 21 Nov 2000 13:29:30 -0600 (CST) Received: (from nobody@localhost) by cougar.isg.siue.edu (8.9.1/8.9.1) id NAA27864; Tue, 21 Nov 2000 13:29:30 -0600 (CST) Date: Tue, 21 Nov 2000 13:29:30 -0600 (CST) From: vcardon@siue.edu Message-Id: <200011211929.NAA27864@cougar.isg.siue.edu> X-Authentication-Warning: cougar.isg.siue.edu: nobody set sender to vcardon@siue.edu using -f To: Jeff Reply-To: vcardon@siue.edu Cc: freebsd-questions@freebsd.org References: <200011211802.MAA24021@cougar.isg.siue.edu> <3A1AC159.90903@kreska.org> In-Reply-To: <3A1AC159.90903@kreska.org> MIME-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 8bit User-Agent: IMP/PHP3 Imap webMail Program 2.0.11 X-Originating-IP: 24.17.229.11 Subject: Re: help with ipfw Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I have just tried adding them as suggested. It did not help. BTW, I am running 4.2-RELEASE. I did notice that when I try to ping from the firewall, I get \"sendto: Permission denied\" errors on the console. Thanks, Victor Quoting Jeff : > Did you update your rfc rules to include the in/out keywords for your > internal network? > # Stop RFC1918 nets on the outside interface > ${fwcmd} add deny log all from 10.0.0.0/8 to any via ${oif} > ${fwcmd} add deny log all from any to 10.0.0.0/8 out via ${oif} > -------------------------------------------------------^ > ${fwcmd} add deny log all from 172.16.0.0/12 to any via ${oif} > ${fwcmd} add deny log all from any to 172.16.0.0/12 via ${oif} > ${fwcmd} add deny log all from 192.168.0.0/16 to any via ${oif} > ${fwcmd} add deny log all from any to 192.168.0.0/16 out via > ------------------------------------------------------------^ > > vcardon@siue.edu wrote: > > > Hi everyone, > > > > I am trying to setup a FreeBSD gateway that will have a firewall running > as > > well. The outside interface is connected to a cable modem, and the inside > > interface goes to my internal LAN. I have followed the how-to at > > http://www.mostgraveconcern.com/freebsd , and everything works fine, > untill I > > switch my firewall from type open to simple. > > > > Basically, when I switch to \\\"simple\\\" I lose all network connectivity. I > cannot > > even ping out from the gateway. > > > > Does anyone have any suggestions as to what I can do to correct this? > > > > Thanks, > > Victor > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with \"unsubscribe freebsd-questions\" in the body of the message > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message