From owner-freebsd-security Tue Aug 7 9:39: 9 2001 Delivered-To: freebsd-security@freebsd.org Received: from mail.roe35.lth2.k12.il.us (unknown [209.175.240.58]) by hub.freebsd.org (Postfix) with ESMTP id E969E37B406 for ; Tue, 7 Aug 2001 09:39:04 -0700 (PDT) (envelope-from dallen@roe35.lth2.k12.il.us) Received: from dougs_laptop (dougs_laptop [209.175.240.20]) by mail.roe35.lth2.k12.il.us (8.9.3/8.9.3) with ESMTP id LAA43336; Tue, 7 Aug 2001 11:43:07 -0500 (CDT) (envelope-from dallen@roe35.lth2.k12.il.us) Message-ID: <200108071144420009.010A8E5B@mail.roe35.lth2.k12.il.us> In-Reply-To: <20010807185037.B495@ringworld.oblivion.bg> References: <200108071050370603.00D90CE5@mail.roe35.lth2.k12.il.us> <20010807185037.B495@ringworld.oblivion.bg> X-Mailer: Calypso Version 3.00.01.02 (1) Date: Tue, 07 Aug 2001 11:44:42 -0500 From: "Douglas G. Allen" To: "Peter Pentchev" Cc: freebsd-security@freebsd.org Subject: Re: ipfw question Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Peter, >I don't think the 'client' firewall rules per se are supposed to work >for more than one IP address. You'll need to take them as a base, and >write up your own firewall script. I added several sets of rules and had rules for the network, the true= address, and the alias. The network and regular address rules worked, but= the alias rules didn't. I could just drop the rules into another file and have it called during= boot. I just figured that since rc.firewall got called anyway, I'd use= what was already provided and try to avoid reinventing the wheel. Doug To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message