Date: Tue, 19 Dec 2000 20:05:59 -0600
From: Eric Brueggmann
To: questions@freebsd.org
Subject: ipfw/gateway
Message-ID: <20001219200559.A80329@snoopie.yi.org>
Reply-To: brueggma@snoopie.yi.org

Hello,

I was wondering if anyone knows where I can find some info on setting up a firewall with ipfw and allowing all the boxes behind the gateway/firewall access to the net. I thought this would do it:

    # Allow all from the inside.
    ${fwcmd} add pass all from any to any via ${iif}
    ${fwcmd} add pass all from any to any out via ${oif}

but it doesn't quite work. I still can't check out the web from behind the firewall. I'm using the "simple" ipfw firewall with the only modifications above. I was unable to ping the gateway/firewall from the client till I added those rules.

Should I set up a proxy? But how am I gonna use napster? ;-) Or am I just plain confused on how this all works? Is there an easier way than setting up a complicated ipfw rule set?

Thanks for any input,
Eric Brueggmann

P.S. Please cc to my e-mail, I usually don't follow questions@.