From owner-freebsd-stable Thu Nov 30 16:45:37 2000 Delivered-To: freebsd-stable@freebsd.org Received: from netcabo.pt (mail.netcabo.pt [212.113.161.135]) by hub.freebsd.org (Postfix) with ESMTP id 996DA37B400 for ; Thu, 30 Nov 2000 16:45:34 -0800 (PST) Received: from netcabo ([213.22.29.45]) by netcabo.pt with Microsoft SMTPSVC(5.5.1877.537.53); Fri, 1 Dec 2000 00:43:34 +0000 From: "Bruno Miguel" Organization: Artists, Inc. To: "'FreeBSD Stable '" Date: Fri, 1 Dec 2000 00:42:36 -0000 MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Subject: Re: IPFilter... Reply-To: brunomiguel@netcabo.pt Message-ID: <3A26F3FC.429.3A1DA5@localhost> In-reply-to: <71F816A89AA9D3119F4C00D0B7094EFC20633F@FIN_SYN> References: <71F816A89AA9D3119F4C00D0B7094EFC24742C@FIN_SYN> X-mailer: Pegasus Mail for Win32 (v3.12c) Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Still reading on this ipfilter for use with ppp0. I made a set of rules > andd tested them out with ipftest and it just hung there. in controlled c > out of it no problem. Whatever. what ipfilter are you using on which version of FreeBSD ? kernel, module ? > I am cinfused as to what i should use for my ip on a dynamic ppp > connection. This is really starting to get agravating. should the first line > of a set of rules be > > map ppp0 0/0 -> 0/32 ?? map ppp0 192.168.0.0/24 -> 0/32 for example. you can't redirect from everywhere to your ppp0. :-) 192.x, or any other subnet being your internal network. > if i added this then i would need to have natd running? If i have natd > running i need to use something -dynamic in my rc.conf as well ? no. Either ipnat or natd. > i'm about to give up here pretty much wasted all day at work searching for > just ONE set of examples which included device ppp0, a dynamic dialup > connection, and the use of 0/32. I don't know where these people are Did you read ipfilter how-to ? > getting these ip addresses on dynamic connections to put them in their > rulesets. do they just make up the internal ip address? No, they use addresses specifically designed for internal networks. ...:-=>> The freaking Mail Band <<=-:... brunomiguel@netcabo.pt D.E.Q. @ I.S.T. - Portugal To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message