Date: Sat, 21 Sep 1996 22:34:57 -0400 (EDT) From: Keith Mitchell <kmitch@phantasma.bevc.blacksburg.va.us> To: ali@axis.axisnet.net (Ali Lomonaco) Cc: questions@freebsd.org Subject: Re: SOCKS5 Question Message-ID: <199609220234.WAA25146@phantasma.bevc.blacksburg.va.us> In-Reply-To: <Pine.LNX.3.93.960921183300.1334A-100000@axis.axisnet.net> from Ali Lomonaco at "Sep 21, 96 06:35:09 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
> Thank you, I don't get that permit and deny entries. The ip's in > it that is. I also don't want any authentication, do I take out that auth > line? And ed1 is the proxied network and ed0 is the internet. Basically, the auth line says allow any authentication (default). The permit says allow any OUTGOING packets from 10.10.10.12 or 127.0.0.1 with a netmask of 255.0.0.0 (entire class A) of 255.0.0.0 (entire class A) The deny line rejects any INCOMING packets destined for 10.10.10.12 with a netmask of 255.0.0.0 (entrie class A). This is just a firewall security feature. Packets destined for the 10 network SHOULD never reach your machine, but just to be safe ;-) The route entries should be pretty much self explanitory. Route all internal packets via the internal interface. All of the external ones via the external packets. The noproxy line is optional. It is there for a placeholder only. # # Authentication entries # auth 10.10.10.12/255.0.0.0 - n # # Access entries # permit - - 127.0.0.1 - - - permit - - 10.10.10.12/255.0.0.0 - - - deny - - - 10.10.10.12/255.0.0.0 - - # # route entries # route 10.10.10.12/255.0.0.0 - ed1 route 0.0.0.0/0.0.0.0 - ed0 noproxy - - - -
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199609220234.WAA25146>