>I am using ipfilter for this setup. >note: even changing rules a lot, I am unable to do this. Then I just >tryied to 'block everything for that machine':
>:=== begin >block in quick from any to 192.168.1.89 >block out quick from any to 192.168.1.89 >block in quick from 192.168.1.89 to any >:=== A simple line as above would do trick, ep0 is the interface from DMZ1 replace with your own: block in log quick on ep0 from any to any As ipfilter is statefull you will need some lines like this for keeping the state of the connection: pass out on ep0 proto tcp from any to any keep state Be shore to flush ipf: ipf -Fa -f /etc/ipf.rules -E Regards _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
