From owner-freebsd-ipfw@FreeBSD.ORG  Tue Apr 14 21:09:09 2015
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
Delivered-To: freebsd-ipfw@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 1E4265E2
 for <freebsd-ipfw@freebsd.org>; Tue, 14 Apr 2015 21:09:09 +0000 (UTC)
Received: from mail.strugglingcoder.info (strugglingcoder.info [65.19.130.35])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
 bits)) (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 0A718BD
 for <freebsd-ipfw@freebsd.org>; Tue, 14 Apr 2015 21:09:08 +0000 (UTC)
Received: from localhost (unknown [10.1.1.3])
 (Authenticated sender: hiren@strugglingcoder.info)
 by mail.strugglingcoder.info (Postfix) with ESMTPSA id 03D3210CF85;
 Tue, 14 Apr 2015 14:09:02 -0700 (PDT)
Date: Tue, 14 Apr 2015 14:09:01 -0700
From: hiren panchasara <hiren@strugglingcoder.info>
To: freebsd-ipfw@freebsd.org
Cc: nitroboost@gmail.com
Subject: ipfw on just inbound and not outbound
Message-ID: <20150414210901.GA10620@strugglingcoder.info>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
 protocol="application/pgp-signature"; boundary="45Z9DzgjV8m4Oswq"
Content-Disposition: inline
User-Agent: Mutt/1.5.23 (2014-03-12)
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-ipfw>,
 <mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw/>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
 <mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Apr 2015 21:09:09 -0000


--45Z9DzgjV8m4Oswq
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

Apologies if this is something silly but I want to completely eliminate
ipfw from outgoing traffic perspective. I just want to have it on
incoming. I can always add "allow ip from any to any out" as the first
rule but that is still ipfw doing something.

Is there a way to tell ipfw to not look at outbound traffic at all?

OR, the rule I mentioned is the best that can be done here?

cheers,
Hiren

ps: Please keep me cc'd as I am not subscribed.

--45Z9DzgjV8m4Oswq
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (FreeBSD)

iQF8BAEBCgBmBQJVLYHtXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBNEUyMEZBMUQ4Nzg4RjNGMTdFNjZGMDI4
QjkyNTBFMTU2M0VERkU1AAoJEIuSUOFWPt/l0ugH/iPZ0pLEEMsTi5o1a32ka8T9
DeVPvHgDme+9RBrSuklU5oqAWHFyQvHGP1nc87VnIcRmZM32c73+YVdEcC+HUizT
OLd2Xs8i03nZENbIOG4ZQmCxSTw3ryPJNm9bjgclOv5X1/B9StyIQjkEM4bdCdk2
7sGVynmU2nXKW7d6WYZcVzfHdZA06gr+1uLr8OzeEcYXLrx5ptbvXmMSMIknSIi3
eH2xpTi/m+H1e4U6bYCey2ln6qf8NGBfYbNqtcyZMLJDT7Na+Rs80DcyE1a7Z1tf
u+hhsqs96AnBGjbPKkQYFwgdgZ+ZUAfQb0bkDFR7Ti7lG4HaMaLktMHKjOevS7c=
=4l5N
-----END PGP SIGNATURE-----

--45Z9DzgjV8m4Oswq--