Date: Tue, 25 Jun 2002 23:02:36 +0200 From: Thomas Wolf <net@wsf.at> To: freebsd-ipfw@freebsd.org Subject: interface check for packets originating from the local host ? Message-ID: <20020625205854.ZGGS9315.viefep13-int.chello.at@there>
next in thread | raw e-mail | index | archive | help
Hi there, "packets originating from the local host have no receive interface" but is it possible/planned/nonsense to filter on exactly this condition, something like: 'allow all from any to any out recv none xmit xxx0' ? I am experimenting with a ruleset for several interfaces and I try to design the rules on src/dst - interface and this would help to distinguish 'natted' packets from locally generated ones when they are leaving the system. Thanks in advance Thomas PS (slightly OT): Should the punch_fw option in natd also create rules for outgoing passive ftp ? It does not (at least on my 4.5 Box) but I wonder if it is my fault, a bug or a feature :-) PPS: would this be the right list to post my ruleset asking for comments when it is finished ? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020625205854.ZGGS9315.viefep13-int.chello.at>