From owner-freebsd-net Sat May 19 23:23:59 2001 Delivered-To: freebsd-net@freebsd.org Received: from mario.zyan.com (mario.zyan.com [209.250.96.140]) by hub.freebsd.org (Postfix) with ESMTP id 6B06E37B424 for ; Sat, 19 May 2001 23:23:57 -0700 (PDT) (envelope-from orville@weyrich.com) Received: from dopey.weyrich.com (orville@node-64-249-12-250.dslspeed.zyan.com [64.249.12.250]) by mario.zyan.com (8.9.3/8.9.3) with ESMTP id XAA87589 for ; Sat, 19 May 2001 23:23:52 -0700 (PDT) (envelope-from orville@weyrich.com) Received: from localhost (orville@localhost) by dopey.weyrich.com (8.9.3/8.6.9) with ESMTP id XAA04647 for ; Sat, 19 May 2001 23:07:48 -0700 Date: Sat, 19 May 2001 23:07:48 -0700 (MST) From: "Orville R. Weyrich.Jr" Cc: "Freebsd Net (E-mail)" Subject: Restricting traffic on one interface In-Reply-To: <200105191755.f4JHtbe85136@arch20m.dellroad.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi -- I have a dual homed FreeBSD-4.3 machine and want to restrict traffic on one interface but not the other (one interface is to a trusted network and the other is not). What I want is the untrusted interface to only present SMTP and HTTP ports, while the trusted interface presents telnet, ftp, NFS, SMB, etc. What is the best way to do this? The machine does NOT have IP forwarding enabled. ------------------------------------------------------------------- Orville R. Weyrich, Jr. Weyrich Computer Consulting mailto:orville@weyrich.com KD7HJV http://www.weyrich.com ------------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message