Date: Sat, 5 Aug 2000 11:54:31 -0700
From: "Dan O'Connor" <dan@mostgraveconcern.com>
To: <rshea@opendoor.co.nz>, <freebsd-questions@FreeBSD.ORG>
Subject: Re: NATD/"spoofing" and IPFW
Message-ID: <00e001bfff0e$97319fa0$029b140a@danco>

>... but I find that machines within the LAN (W9x machines FWIW)
>cannot 'get out' if I retain the rules
>
>${fwcmd} add deny all from 192.168.0.0/16 to any via ${oif}
>${fwcmd} add deny all from any to 192.168.0.0/16 via ${oif}
Hi, Richard!
Change:
${fwcmd} add deny all from any to 192.168.0.0/16 via ${oif}
to:
${fwcmd} add deny all from any to 192.168.0.0/16 out via ${oif}
I did this with my 10.0.0.0/8 rule (since that's the internal net I'm
using), but failed to include it in the other rules :-(
The oversight will be corrected shortly! :-)
--Dan
--
Dan O'Connor
On Matters of Most Grave Concern
http://www.mostgraveconcern.com
FreeBSD Cheat Sheets
http://www.mostgraveconcern.com/freebsd/
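
Added example (not part of Dan's message and not FreeBSD code): a small Python model of how the plain `via` rule and the `out via` rule treat the same packets. It assumes the deny rule is evaluated after the natd divert rule, so an inbound reply already carries its restored 192.168.x.x destination; the interface names and all addresses are constructed.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

PRIVATE = ip_network("192.168.0.0/16")
OIF = "ed0"  # hypothetical outside interface, standing in for ${oif}
IIF = "ed1"  # hypothetical inside interface


@dataclass
class Packet:
    src: str
    dst: str
    iface: str      # interface the packet is crossing
    direction: str  # "in" or "out", relative to the firewall host


@dataclass
class DenyToPrivate:
    """Models: deny all from any to 192.168.0.0/16 [out] via <iface>"""
    iface: str
    direction: Optional[str] = None  # None = plain "via" (both directions)

    def matches(self, p: Packet) -> bool:
        if p.iface != self.iface:
            return False
        if self.direction is not None and p.direction != self.direction:
            return False
        return ip_address(p.dst) in PRIVATE


def verdict(rule: DenyToPrivate, p: Packet) -> str:
    return "deny" if rule.matches(p) else "pass"


original = DenyToPrivate(OIF)        # ... to 192.168.0.0/16 via ${oif}
changed = DenyToPrivate(OIF, "out")  # ... to 192.168.0.0/16 out via ${oif}

# Constructed packets.
# Reply from the Internet, seen inbound on oif after natd has restored the
# LAN destination (the assumption stated in the lead-in).
reply = Packet("203.0.113.10", "192.168.0.5", OIF, "in")
# Private destination about to be sent out of the outside interface.
leak = Packet("192.0.2.7", "192.168.0.5", OIF, "out")
# Ordinary delivery to the LAN on the inside interface.
lan = Packet("203.0.113.10", "192.168.0.5", IIF, "out")

if __name__ == "__main__":
    for name, pkt in (("reply", reply), ("leak", leak), ("lan", lan)):
        print(f"{name:5} original={verdict(original, pkt)} "
              f"changed={verdict(changed, pkt)}")
```

Under that assumption the original rule drops the replies to the LAN hosts, while the `out via` form lets them through and still denies private-destination traffic leaving on the outside interface.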
