Date:      Mon, 24 Jul 2000 22:32:38 -0500
From:      Stephen Montgomery-Smith <stephen@math.missouri.edu>
To:        Mike Hoskins <mike@adept.org>
Cc:        freebsd-security@freebsd.org
Subject:   Re: Problems with natd and simple firewall
Message-ID:  <397D0A56.E695E55C@math.missouri.edu>
References:  <Pine.BSF.4.21.0007241258250.24335-100000@snafu.adept.org>

Mike Hoskins wrote:
> 
> As for a dynamic rule...  I have the following setup:
> 
> divert 8668 ip from any to any via oif
> allow ip from any to any via lo0
> deny ip from any to 127.0.0.0/8
> # specific deny/logs to monitor port scans/etc
> check-state
> allow ip from oip to any keep-state
> allow ip from inw to any keep-state
> # specific allows i want
> deny ip from any to any
> 

I read the ipfw man page, and it is so terse on this subject
that I cannot understand it.  Like many man pages, it gives
a lot of details, but does not provide the overall picture.

If anyone could tell me the overall picture of what dynamic rules
are about - give me a start and a context so that the man page
makes sense, I would really appreciate it.

-- 
Stephen Montgomery-Smith
Department of Mathematics, University of Missouri, Columbia, MO 65211
Phone 573-882-4540, fax 573-882-1869
http://www.math.missouri.edu/~stephen  stephen@math.missouri.edu

