From owner-freebsd-questions Tue Jan 23 5:48:15 2001 Delivered-To: freebsd-questions@freebsd.org Received: from post.mail.nl.demon.net (post-10.mail.nl.demon.net [194.159.73.20]) by hub.freebsd.org (Postfix) with ESMTP id 2F83D37B699 for ; Tue, 23 Jan 2001 05:47:58 -0800 (PST) Received: from [195.11.243.26] (helo=Debug) by post.mail.nl.demon.net with smtp (Exim 3.14 #2) id 14L3ng-00068r-00 for questions@freebsd.org; Tue, 23 Jan 2001 13:47:56 +0000 To: questions@freebsd.org From: Cliff Sarginson Subject: YANQ - yet another NAT question Date: Tue, 23 Jan 2001 13:47:56 GMT X-Mailer: www.webmail.nl.demon.net X-Sender: postmaster@btvs.demon.nl X-Originating-IP: 192.250.24.58 Message-Id: Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I know there are nat experts in the house :) I posted a long boring message a while ago about nat/ipfw/ppp..no one answered it :(. I will try again.. The documentation on nat/ipfw/ppp is somewhat contradictory. In short I want to firewall my PPP gateway to my ISP so that from my local newtork everything is allowed out, including all local access to the gateway itself. On the way in I want to allow: SMTP Replies to DNS NNTP NTP SSH HTTP FTP Do I use IPFW or is it better to use the PPP filter mechanism ? Are there any known working examples of IPFW for this, I am danged if I can get the IPFW commands to do what I want, and the examples .. well either I don;t understand them, or they don;t work.. :( I think I understand the concepts, I know what I want. I am syntactically challenged however.. Cliff To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message