Date:      Thu, 13 Dec 2001 21:01:27 +0100
From:      Peter Wolkerstorfer <a9203537@unet.univie.ac.at>
To:        freebsd-questions@freebsd.org
Subject:   Re: please help on 1(one) ipf rule - still not working
Message-ID:  <3C190917.AD60F415@unet.univie.ac.at>
References:  <3C187D20.E1901AD5@unet.univie.ac.at> <20020112132633.E31058@b1n.org>

dear listmembers,

THX to BinarySoul and Mark Woodson for their hints. with their info i
adopted the ipf.rules (ipf v.3.4.20 on fbsd 4.4.) like this:

pass out quick on rl1 proto tcp from 192.168.0.0/16 to any flags S/SA keep state
pass out quick on rl1 proto udp from 192.168.0.0/16 to any keep state
pass out quick on rl1 proto icmp from 192.168.0.0/16 to any keep state
block in on rl1 all

rl1 is the interface to external network, rl0 is internal network.

what i want to do:
block ALL incoming traffic from the internet (also ssh) but connect to
the firewall from the internal network.

problem:
i can't ssh-login from INTERNAL network to the firewall (which is
probably that i cannot ssh-login from 192.168.0.11 to 192.168.0.1;
192.168.0.1 is the firewall and the corresponding interface is rl0)

BUT:
i can do everything i want (including SSH) OVER the firewall

i tried
pass in quick on rl0 all
before the block
to let me in with ssh on the rl0 interface but it also didn't work;

any ideas?

THX in advance
peter "wolki" wolkerstorfer

