Date: Sun, 7 Nov 2004 11:13:29 -0800 From: gabriel <normal1.lists@gmail.com> To: David Banning <david+dated+1100285826.d4e990@skytrackercanada.com> Cc: questions@freebsd.org Subject: Re: ipfw allowing browser only Message-ID: <efb8582041107111319789540@mail.gmail.com> In-Reply-To: <20041107185705.GA6526@skytrackercanada.com> References: <20041107185705.GA6526@skytrackercanada.com>
next in thread | previous in thread | raw e-mail | index | archive | help
did ya restart natd after making that change? - does it work without the deny rule? On Sun, 7 Nov 2004 13:57:05 -0500, David Banning <david+dated+1100285826.d4e990@skytrackercanada.com> wrote: > I am trying to filter out all traffic except browser traffic. > So I tried > > 01000 allow tcp from any to 192.168.1.6 80 > 01100 allow udp from any to 192.168.1.6 80 > 01200 deny ip from any to 192.168.1.6 > 65535 allow ip from any to any > > But this does not allow browser traffic. > > I have my browser traffic redirected via ipnat - ipnat rules are; > > rdr dc0 127.0.0.1/0 port 80 -> 192.168.1.1 port 8180 tcp > > I don't know what comes first, the redirect or the firewall, so maybe > I should be allowing traffic to 8180? > > My host is 192.168.1.1 and the win browser is at 192.168.1.6 > > Any help here would be appreciated. > > -- > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > -- gabriel, Member of: FreeBSD-Announce FreeBSD-Hardware FreeBSD-Multimedia FreeBSD-questions
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?efb8582041107111319789540>