Date: Thu, 7 Sep 2000 17:09:27 -0500 (CDT) From: missnglnk <missnglnk@sneakerz.org> To: Albert Yang <albert@achtung.com> Cc: freebsd-small@freebsd.org Subject: Re: Stateful Message-ID: <Pine.BSF.4.21.0009071706020.48373-100000@sneakerz.org> In-Reply-To: <39B7A867.14388.FD8738@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 7 Sep 2000, Albert Yang wrote: > Date: Thu, 7 Sep 2000 14:38:31 -0700 > From: Albert Yang <albert@achtung.com> > To: freebsd-small@freebsd.org > Subject: Stateful > > Luigi, > > Is the ipfw on your pico disk stateful? I might give it a try > tonight. Definitely looks interesting. I need a firewall and nat. > I am using a DSL router right now, but I'd like to return it and use > one of my boxes, save me $200. ipfw(8) has been stateful since 4.0-RELEASE. natd(8) will work for your NAT needs. > I like ipf because of all the ruleset languaging, it's the one that > makes the most sense, and I know that Reed has been doing this for a > while and knows what he is doing. That in no way means that the ipfw > team doesn't. ipfw add check-state ipfw add allow ip from any to any in via internalN keep-state ipfw add allow ip from any to any out via internalN keep-state ipfw add allow ip from any to any out via externalN keep-state ipfw add deny ip from any to any ...works for me. > Albert > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-small" in the body of the message > -- missnglnk@sneakerz.org http://www.sneakerz.org/~missnglnk/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-small" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0009071706020.48373-100000>