Date: Fri, 30 Mar 2001 16:40:15 -0600 (CST) From: Nick Rogness <nick@rogness.net> To: alexus <ml@db.nexgen.com> Cc: freebsd-ipfw@FreeBSD.ORG Subject: Re: seperation of incoming and outgoing connection in firewall Message-ID: <Pine.BSF.4.21.0103301635330.84232-100000@cody.jharris.com> In-Reply-To: <016a01c0b966$9a8cb7d0$9865fea9@book>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 30 Mar 2001, alexus wrote: > and how is it seperating incoming from outgoing? > that's what i need to know ipfw add deny tcp from any to any 110 in via fxp0 Means that the firewall will only deny tcp connects to port 110 inbound to your fxp0 ethernet card. Packets outbound via fxp0 are not denied because of the 'in via fxp0'. If you wanted to hit them it would be 'out via fxp0'. Not having the 'in/out via' statement means match any interface inbound or outbound. > > > > > in via x10 > > > > > > > > > > thats means what? > > > > > > > > Packets coming in via the interface xl0. > > Nick Rogness <nick@rogness.net> - Keep on Routing in a Free World... "FreeBSD: The Power to Serve!" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0103301635330.84232-100000>