Hi all,

I have two separate LANs (one 10.0.1.0/24 and the other 10.0.2.0/24). Both are
connected to a FreeBSD 8.2 router (ifaces em1 and em2).
To em0 I have my ISP (10.0.0.0/24) connected.

The idea is to share the Internet connection to both networks, and block any 
traffic between them.

I was trying to set up the firewall like this:

#!/bin/sh

cmd="ipfw -q"

$cmd flush

$cmd add 50 check-state

$cmd add 80 divert natd ip from any to any via em0

$cmd add 100 allow ip from any to me
$cmd add 101 allow ip from me to any

$cmd add 200 allow ip from 10.0.1.0/24 to 10.0.0.0/24 keep-state
$cmd add 300 allow ip from 10.0.2.0/24 to 10.0.0.0/24 keep-state

But it doesn't really work for me.

When I set this at the end:

$cmd add 500 allow ip from any to any

It works, but it also allows traffic between the LANs.

Regards,

-- 
Marek Salwerowicz
