From owner-freebsd-questions  Mon Jul  2 22:33: 9 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from hawk.mail.pas.earthlink.net (hawk.mail.pas.earthlink.net [207.217.120.22])
	by hub.freebsd.org (Postfix) with ESMTP id 94E7237B401
	for <questions@FreeBSD.ORG>; Mon,  2 Jul 2001 22:33:07 -0700 (PDT)
	(envelope-from cjc@earthlink.net)
Received: from blossom.cjclark.org (dialup-209.245.135.36.Dial1.SanJose1.Level3.net [209.245.135.36])
	by hawk.mail.pas.earthlink.net (EL-8_9_3_3/8.9.3) with ESMTP id WAA23512;
	Mon, 2 Jul 2001 22:32:59 -0700 (PDT)
Received: (from cjc@localhost)
	by blossom.cjclark.org (8.11.4/8.11.3) id f635Whq01425;
	Mon, 2 Jul 2001 22:32:43 -0700 (PDT)
	(envelope-from cjc)
Date: Mon, 2 Jul 2001 22:32:43 -0700
From: "Crist J. Clark" <cristjc@earthlink.net>
To: Tony <tony@tntpro.com>
Cc: Richard Smith <rdls@rdls.net>,
	Michael Lucas <mwlucas@blackhelicopters.org>, questions@FreeBSD.ORG
Subject: Re: dummynet question
Message-ID: <20010702223243.I312@blossom.cjclark.org>
Reply-To: cjclark@alum.mit.edu
References: <20010701131531.A78357@blackhelicopters.org> <20010701200306.A282@gaia.home.rdls.net> <002501c10353$b8c79120$0a00a8c0@TONY>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <002501c10353$b8c79120$0a00a8c0@TONY>; from tony@tntpro.com on Mon, Jul 02, 2001 at 08:04:24PM -0400
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

On Mon, Jul 02, 2001 at 08:04:24PM -0400, Tony wrote:
> what type of modification would need to be made if I was running the rules
> on a firewall instead of the webserver itself? I have gone online and read
> all the reference material I can find and can't seem to find the solution.
> 
> my firewall has two interfaces 192.168.0.1 and 207.5.xxx.xx, my webserver is
> on 192.168.0.100 I would love some help, I tried the rulse as micheal had
> them, but to no avail...
> 
> root:~# ipfw -a list
> 00050 1124169  673224297 divert 8668 ip from any to any via ed0
> 00100   10012    1012606 allow ip from any to any via lo0
> 00200       0          0 deny ip from any to 127.0.0.0/8
> 00300       0          0 deny ip from 127.0.0.0/8 to any
> 00350       0          0 pipe 1 tcp from 192.168.1.100 to any out
                                           ^^^^^^^^^^^^^        ^^^
I hope there aren't RFC1918 addresses leaving your network. See the
problem?
-- 
Crist J. Clark                           cjclark@alum.mit.edu

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message