Date: Mon, 2 Jul 2001 22:32:43 -0700 From: "Crist J. Clark" <cristjc@earthlink.net> To: Tony <tony@tntpro.com> Cc: Richard Smith <rdls@rdls.net>, Michael Lucas <mwlucas@blackhelicopters.org>, questions@FreeBSD.ORG Subject: Re: dummynet question Message-ID: <20010702223243.I312@blossom.cjclark.org> In-Reply-To: <002501c10353$b8c79120$0a00a8c0@TONY>; from tony@tntpro.com on Mon, Jul 02, 2001 at 08:04:24PM -0400 References: <20010701131531.A78357@blackhelicopters.org> <20010701200306.A282@gaia.home.rdls.net> <002501c10353$b8c79120$0a00a8c0@TONY>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jul 02, 2001 at 08:04:24PM -0400, Tony wrote:
> what type of modification would need to be made if I was running the rules
> on a firewall instead of the webserver itself? I have gone online and read
> all the reference material I can find and can't seem to find the solution.
>
> my firewall has two interfaces 192.168.0.1 and 207.5.xxx.xx, my webserver is
> on 192.168.0.100 I would love some help, I tried the rulse as micheal had
> them, but to no avail...
>
> root:~# ipfw -a list
> 00050 1124169 673224297 divert 8668 ip from any to any via ed0
> 00100 10012 1012606 allow ip from any to any via lo0
> 00200 0 0 deny ip from any to 127.0.0.0/8
> 00300 0 0 deny ip from 127.0.0.0/8 to any
> 00350 0 0 pipe 1 tcp from 192.168.1.100 to any out
^^^^^^^^^^^^^ ^^^
I hope there aren't RFC1918 addresses leaving your network. See the
problem?
--
Crist J. Clark cjclark@alum.mit.edu
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010702223243.I312>