Date: Thu, 30 Sep 2004 01:14:52 -0700 From: Roisin Murphy <Roisin.Murphy@gmail.com> To: freebsd-questions@freebsd.org Subject: filtering aliasIP from the primaryIP with IPF Message-ID: <b21e6cca04093001141482b337@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
hi my freebsd machine is 192.168.1.34 with one jail running on 192.168.1.35 (dc0_alias), and i have one more separate win2k box: 192.168.1.33, i want to filter that jail with ipf, so that it cannot access anything running on that win2k machine and anything bind to the primary fbsd IP, but i want to be still able to ssh into that .35 jail filtering the win2k box worked as expected: pass in quick on dc0 proto tcp from 192.168.1.33 to 192.168.1.35 port = 22 flags S keep state block out quick on dc0 proto tcp/udp from 192.168.1.35 to 192.168.1.33 keep state keep frags but that primary fbsd IP, since its the same dc0 interface, i dont know how to write that rule... anyone? thanks
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?b21e6cca04093001141482b337>