Date: Fri, 2 Nov 2001 11:44:52 -0800 From: "Crist J. Clark" <cristjc@earthlink.net> To: John Massier <j_massier@hotmail.com> Cc: ipfw@FreeBSD.ORG Subject: Re: IN/OUT Message-ID: <20011102114452.M4360@blossom.cjclark.org> In-Reply-To: <F11RnMbzrlRK8Nn97Yr000199b1@hotmail.com>; from j_massier@hotmail.com on Fri, Nov 02, 2001 at 05:44:42PM %2B0100 References: <F11RnMbzrlRK8Nn97Yr000199b1@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Nov 02, 2001 at 05:44:42PM +0100, John Massier wrote:
> Hi, I´m a newbie in IPFW and i´m a bit confused with something.
>
> I can´t see the difference when you add a new rule between using <from
> source to destination> to imply the way of the packet and using in/out.
>
> What´s the real use of in/out?? Does this way imply direction?? Or in/out
> are only used for specify interfaces??
In a typical firewall when a packet passes through we have a situation
like,
wire ----> firewall ----> wire
in out
Where "in" and "out" are marked appropriately. Note that I have _not_
specified internal or external interfaces of the firewall. Generally,
"in" indicates the packet has just been received by the machine from
the network, and "out" means that the packet is about to be put out
onto the wire.
--
Crist J. Clark | cjclark@alum.mit.edu
| cjclark@jhu.edu
http://people.freebsd.org/~cjc/ | cjc@freebsd.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011102114452.M4360>