Date: Tue, 26 Jul 2005 12:19:07 -0700
From: Eric Pretorious <eric@pretorious.net>
To: FreeBSD-questions@freebsd.org
Subject: ipfw: deny traffic between interfaces
Message-ID: <200507261219.08111.eric@pretorious.net>

I'm using FreeBSD 4.10 as a masquerading firewall for three private networks
and want to restrict traffic between each interface (kind of like VLANs).

The firewall's interfaces are configured as such:

    sis0    public
    rl0     192.168.1.1
    fxp0    192.168.2.1
    sis1    192.168.4.1

...and ipfw is configured as such:

    00050 13453519  8660535275 divert 8668 ip from any to any via sis0
    00100      490       81262 allow ip from any to any via lo0
    00200        0           0 deny ip from any to 127.0.0.0/8
    00300        0           0 deny ip from 127.0.0.0/8 to any
    65000 26955802 17357286222 allow ip from any to any
    65535        0           0 deny ip from any to any

How can I accomplish this with ipfw? (I thought that something like
`ipfw add 400 deny ip from rl0 to not sis0` would do the job but it didn't.)

--
Eric P., Truckee, CA
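
An added example, not part of the original message: ipfw's from/to fields take addresses, so isolation by interface is written with the recv/xmit keywords instead. The script below prints one deny rule for every ordered pair of the private interfaces named in the message; the starting rule number 400, the step of 10, and the shell variable and function names are assumptions.

```shell
#!/bin/sh
# Added example: generate ipfw rules that stop forwarding between the
# private interfaces. Interface names and rule 65000 come from the message;
# START, STEP and the function name are assumptions for illustration.

INTERNAL_IFS="rl0 fxp0 sis1"   # private interfaces (sis0 is the public side)
START=400                      # first rule number, after the 00300 loopback rule
STEP=10                        # gap between generated rule numbers
LIMIT=65000                    # the "allow ip from any to any" rule on the page

# Print one deny rule per ordered pair: received on $rx, leaving via $tx.
# xmit can only be tested on outgoing packets, so "out" is required.
gen_isolation_rules() {
    n=$START
    for rx in $INTERNAL_IFS; do
        for tx in $INTERNAL_IFS; do
            if [ "$rx" = "$tx" ]; then
                continue
            fi
            # A deny placed at or after the allow-all rule would never match.
            if [ "$n" -ge "$LIMIT" ]; then
                echo "rule number $n is not below $LIMIT" >&2
                return 1
            fi
            echo "ipfw add $n deny ip from any to any out recv $rx xmit $tx"
            n=$((n + STEP))
        done
    done
}

# Dry run: print the commands for review instead of executing them.
gen_isolation_rules
```

These rules stop forwarding between the private networks; a host can still reach the firewall's own addresses on the other interfaces, because that traffic is never transmitted out of them. Traffic to and from sis0 is untouched, so NAT through the divert rule keeps working.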