Date: Fri, 6 Oct 2000 09:07:17 -0300 (ART) From: Fernando Schapachnik <fpscha@ns1.via-net-works.net.ar> To: Craig Cowen <craig@allmaui.com> Cc: "freebsd-security@FreeBSD.ORG" <freebsd-security@FreeBSD.ORG> Subject: Re: IPFILTER Question Message-ID: <200010061207.JAA80734@ns1.via-net-works.net.ar> In-Reply-To: <39DCED87.C7B7FA0B@allmaui.com> "from Craig Cowen at Oct 5, 2000 09:07:20 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
Why don't you put a deny log rule for the outside iface and see what happens? Good luck! En un mensaje anterior, Craig Cowen escribió: > > I have setup ipf with options IPFILTER_DEFAULT_BLOCK in my kernel. > When using ipnat, I have 'pass in on (private interface) from > 192.168.0.0/24 to any keep state' in my rules. > > I have no rules specified for the public interface. > The boxen behind the firewall can surf. Fernando P. Schapachnik Administración de la red VIA NET.WORKS ARGENTINA S.A. fernando@via-net-works.net.ar (54-11) 4323-3333 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200010061207.JAA80734>