Date:      Thu, 27 Feb 1997 09:05:59 -0700 (MST)
From:      Brandon Gillespie <brandon@cold.org>
To:        "Jonathan M. Bresler" <jmb@freefall.freebsd.org>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: ipfw rules problems (NOT operator?)
Message-ID:  <Pine.NEB.3.95.970227090145.5190A-100000@cold.org>
In-Reply-To: <199702270024.QAA14443@freefall.freebsd.org>

> 	then write those rules and do not write an "allow all from
> 	${onet}:${omask} to any" rule.
> 
> 	how about telling us what effect you want?  for instance
> 	allow telnet from the inside to ___, but no incoming telnet
> 	connections.  allow pasv ftp.  don't allow any icmp.  etc...

I did :b  But I'll do again:

         Cleanwall        Firewall
             :                |
 Internet => : => Localnet => | => Securenet
             :  206.81.134.0  | 192.168.1.0
             :                |

I want the Firewall (FreeBSD) to _only_ allow telnet, dns and lp/lpr
(npp?) from the outside in--furthermore I want it to ONLY allow tcp
packets from 206.81.134.0.  Same goes for the inside out, except for with
the appropriate address (of course).  The cleanwall is set up to keep
IP spoofing from occurring, so this gives a double wall effect I feel
comfortable with..

-Brandon Gillespie
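
A sketch of the policy described in this message, as an added example that is not part of the original post or thread: a shell script that prints ipfw rules allowing only TCP telnet, DNS and lpd (ports 23, 53, 515) between the two networks, then checks that no allow rule is broader than that, such as the "allow all from ... to any" rule the quoted reply warns against. The /24 masks, rule numbers and function names are assumptions; DNS lookups over UDP are not covered, since the message asks for TCP only.

```sh
#!/bin/sh
# Added example (constructed): prints ipfw rules, does not install them.
localnet="206.81.134.0/24"   # assumed /24 mask
securenet="192.168.1.0/24"   # assumed /24 mask
services="23 53 515"         # telnet, dns, lpd (printer) over TCP

emit_rules() {
    n=1000                   # assumed starting rule number
    # Packets of connections already opened by a setup rule below
    echo "add $n allow tcp from $localnet to $securenet established"
    n=$((n + 100))
    echo "add $n allow tcp from $securenet to $localnet established"
    for port in $services; do
        n=$((n + 100))
        echo "add $n allow tcp from $localnet to $securenet $port setup"
        n=$((n + 100))
        echo "add $n allow tcp from $securenet to $localnet $port setup"
    done
    # Explicit final deny, so nothing falls through to a broad allow
    echo "add 65000 deny log ip from any to any"
}

# Reads rules on stdin; fails if an allow rule is not TCP, uses "any"
# as an address, or has no port/state qualifier.
lint_rules() {
    bad=0
    while read -r cmd num action proto from src to dst rest; do
        [ "$action" = "allow" ] || continue
        if [ "$proto" != "tcp" ] || [ "$src" = "any" ] ||
           [ "$dst" = "any" ] || [ -z "$rest" ]; then
            echo "too broad: rule $num ($proto $src -> $dst)" >&2
            bad=1
        fi
    done
    return "$bad"
}

# Print the ruleset only if it passes the check
emit_rules | lint_rules && emit_rules
```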
