Date:      Thu, 01 Jun 2000 13:09:30 -0700
From:      Patrick Burm <patb@commlitho.com>
To:        freebsd-questions@FreeBSD.org
Subject:   natd and ipfw help
Message-ID:  <4.3.1.2.20000601130436.00b3a940@commlitho.com>

I am trying to restrict access to the internet. Currently I have a working
natd that allows everyone access to the internet.

I wish to restrict full access to certain addresses while preserving access
to email to everyone.

I posted earlier with a ruleset that used multiple diverts, and have now
tried this ruleset:

00100 228 15147 allow udp from 192.168.73.0/24 to any 53
00200 374 16844 allow tcp from 192.168.73.0/24 to any 110
00200  38  4474 allow ip from any to any via lo0
00300  26  6044 allow tcp from 192.168.73.0/24 to any 25
00300   0     0 deny ip from any to 127.0.0.0/8
00400   0     0 allow ip from 192.168.73.11 to any
00500 356 44259 deny ip from 192.168.73.0/24 to any
00600 252 31124 divert 8668 ip from any to any
65000 251 31064 allow ip from any to any
65535   0     0 deny ip from any to any

This one allows access to servers on my own public net, but not the
internet.

If anyone has set up restrictions this way, please help :)

-Pat
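
Added example, not part of the original message: a minimal first-match model of the ruleset posted above. It reports which rule ends evaluation for a few constructed packets and whether the packet passed divert rule 600 on the way. The interface name ed0 and the 203.0.113.10 / 198.51.100.1 addresses are assumptions, and natd's address rewriting is not modeled.

```python
import ipaddress

# Ruleset from the post: (number, action, proto, src, dst, dport, via)
RULES = [
    (100, "allow", "udp", "192.168.73.0/24", "any", 53, None),
    (200, "allow", "tcp", "192.168.73.0/24", "any", 110, None),
    (200, "allow", "ip", "any", "any", None, "lo0"),
    (300, "allow", "tcp", "192.168.73.0/24", "any", 25, None),
    (300, "deny", "ip", "any", "127.0.0.0/8", None, None),
    (400, "allow", "ip", "192.168.73.11", "any", None, None),
    (500, "deny", "ip", "192.168.73.0/24", "any", None, None),
    (600, "divert", "ip", "any", "any", None, None),
    (65000, "allow", "ip", "any", "any", None, None),
    (65535, "deny", "ip", "any", "any", None, None),
]

def addr_match(spec, addr):
    return spec == "any" or ipaddress.ip_address(addr) in ipaddress.ip_network(spec)

def rule_match(rule, pkt):
    _, _, proto, src, dst, dport, via = rule
    return ((proto == "ip" or proto == pkt["proto"])
            and addr_match(src, pkt["src"])
            and addr_match(dst, pkt["dst"])
            and (dport is None or dport == pkt.get("dport"))
            and (via is None or via == pkt["iface"]))

def evaluate(pkt, rules=RULES):
    """Return (terminating rule number, action, passed a divert rule?)."""
    diverted = False
    for rule in rules:
        if not rule_match(rule, pkt):
            continue
        if rule[1] == "divert":
            diverted = True  # handed to natd; evaluation resumes at the next rule
            continue
        return rule[0], rule[1], diverted  # allow/deny ends the search

# Constructed sample packets (hypothetical outside interface ed0).
SAMPLES = {
    "lan_pop3": dict(proto="tcp", src="192.168.73.20", dst="203.0.113.10", dport=110, iface="ed0"),
    "lan_web": dict(proto="tcp", src="192.168.73.20", dst="203.0.113.10", dport=80, iface="ed0"),
    "admin_web": dict(proto="tcp", src="192.168.73.11", dst="203.0.113.10", dport=80, iface="ed0"),
    "reply_in": dict(proto="tcp", src="203.0.113.10", dst="198.51.100.1", dport=1025, iface="ed0"),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(name, evaluate(pkt))
```

In this model every permitted packet from 192.168.73.0/24 ends at rules 100 to 400 without passing the divert rule, so it is accepted before natd sees it.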