Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 12 Dec 2000 20:25:09 -0500
From:      "Chris Browning" <brownicm@prokyon.com>
To:        <freebsd-ipfw@FreeBSD.ORG>, <carlos@rjstech.com>
Subject:   Re: sigh, today is just not my day.
Message-ID:  <200012130132.UAA14202@mail2.lig.bellsouth.net>
In-Reply-To: <000101c06493$46aa2620$fadef9ce@rjstech.com>

next in thread | previous in thread | raw e-mail | index | archive | help
<snip> 
> My machine(win98) 		freebsd machine
> ip 192.168.1.250			192.168.1.225 (inside interface)
> netmask 255.255.255.224		255.255.255.224
> its gateway 192.168.1.225 (the firewall machine)
> is dns servers are the same
> as the freebsd machines (ie our isp dns servers)
> 
> right.  So the freebsd machine can see the out side world.  When I have my
> machine behind the firewall I cant see Jack (if at all).  What I am doing
> wrong?  Any help will be appreciated.  I have been poring over the freebsd
> website, freebsddiary.org, and other sites.
> you guys/gals rock
> 
> -Carlos Andrade
> ----

I haven't had time to work through all your rules, and I'm 
no pro, but I would look carefully at the RFC1918 and 
draft-manning rules that have to do with 192.168.x.x. I've 
gotten burned a couple of times forgetting that the 
packets go to natd first and then back through the ruleset 
with their addrs re-written, if I'm not mistaken. It looks like 
you have that covered, but again, I'm not a pro. Anyone 
else?

Hope it helps...
--------------------------

Chris Browning
brownicm@prokyon.com

------------------------


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200012130132.UAA14202>