From owner-freebsd-hackers Fri Apr 25 03:29:21 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id DAA06525 for hackers-outgoing; Fri, 25 Apr 1997 03:29:21 -0700 (PDT) Received: from smtp.enteract.com (qmailr@char-star.rdist.org [206.54.252.22]) by hub.freebsd.org (8.8.5/8.8.5) with SMTP id DAA06520 for ; Fri, 25 Apr 1997 03:29:20 -0700 (PDT) Received: (qmail 12244 invoked from network); 25 Apr 1997 10:29:18 -0000 Received: from enteract.com (mrfoine@206.54.252.1) by char-star.rdist.org with SMTP; 25 Apr 1997 10:29:18 -0000 Date: Fri, 25 Apr 1997 05:29:18 -0500 (CDT) From: Wayne Baety To: Darren Reed cc: Chris Coleman , hackers@FreeBSD.ORG, ipfilter@coombs.anu.edu.au Subject: Re: IPFILTER In-Reply-To: <199704231153.EAA25862@hub.freebsd.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-hackers@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk I couldnt even get it to compile under freebsd current... after unpacking the ip_fil3.2a4 package i did... make freebsd22 and got this output: alaska /root/tmp/ipfil % cd ip_fil3.2a4 alaska /root/tmp/ipfil/ip_fil3.2a4 % make freebsd22 if [ ! -d BSD/`uname -m` ] ; then mkdir BSD/`uname -m`; fi Can't find ioconf.h *** Error code 1 Stop. what gives??? Read the readmes....couldnt figure out what to do On Wed, 23 Apr 1997, Darren Reed wrote: > In some mail from Chris Coleman, sie said: > > > > I am running IPNAT and > > Currently i have this as the only rule in my rule set, so everyone comes > > back as the same person from the DNS. > > > > map fxp0 10.0.0.0/8 -> 208.8.136.10/32 portmap tcp/udp 10000:65000 > > > > I would like to split up the domain in to 5 sections (according to > > buildings) and map all the buildings separately to different ip addresses. > > And have the last rule catch all of the other connections and run them > > through current ip address. > > > > I tried to do this, but couldn;t figure out how to make a rule to "catch > > all" of the remaining ones. Do rules have precedence? what if i just > > want to map one ip address to a specific ip address and catch all the > > rest through the normal rules? > > Rules are parsed, top to bottom. > > So if you put your "catch-all" last, it will work. > > Darren >