Date: Fri, 30 Mar 2001 17:35:26 -0500 From: "alexus" <ml@db.nexgen.com> To: "Nick Rogness" <nick@rogness.net> Cc: <freebsd-ipfw@FreeBSD.ORG> Subject: Re: seperation of incoming and outgoing connection in firewall Message-ID: <01a401c0b969$c3d9f640$9865fea9@book> References: <Pine.BSF.4.21.0103301635330.84232-100000@cody.jharris.com>
next in thread | previous in thread | raw e-mail | index | archive | help
ahh now i got it thanks:) ----- Original Message ----- From: "Nick Rogness" <nick@rogness.net> To: "alexus" <ml@db.nexgen.com> Cc: <freebsd-ipfw@FreeBSD.ORG> Sent: Friday, March 30, 2001 5:40 PM Subject: Re: seperation of incoming and outgoing connection in firewall > On Fri, 30 Mar 2001, alexus wrote: > > > and how is it seperating incoming from outgoing? > > that's what i need to know > > ipfw add deny tcp from any to any 110 in via fxp0 > > Means that the firewall will only deny tcp connects to port 110 inbound to > your fxp0 ethernet card. Packets outbound via fxp0 are not denied because > of the 'in via fxp0'. If you wanted to hit them it would be 'out via > fxp0'. Not having the 'in/out via' statement means match any interface > inbound or outbound. > > > > > > > > in via x10 > > > > > > > > > > > > thats means what? > > > > > > > > > > Packets coming in via the interface xl0. > > > > > > Nick Rogness <nick@rogness.net> > - Keep on Routing in a Free World... > "FreeBSD: The Power to Serve!" > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01a401c0b969$c3d9f640$9865fea9>