2008/3/6, Erik Norgaard [EMAIL PROTECTED]: > > You can add log statements to your nat rules to see which is applied. > > > pass quick proto icmp from any to any keep state > > pass quick from $adm_net to $cefet_servers keep state > > pass quick from $cefet_servers to $adm_net keep state > > It appears that ping is passed by the first rule, but other protocols > are not matched in the second/third rule. > > > block quick from any to $cefet_net > > block quick from $cefet_net to any > > Then it is probably blocked here.
Thankz, brother, it worked. I need the nat to work with the firewall config of the other school. Then, I saw in the log that the traffic going through the 10.10.0.50 (my if) to the servers was being blocked. For me saying that adm_net should communicate with cefet_server would be enough to the firewall understand that it should pass trough any if on the way. I know my config is far away from a good config but it's the first time I configure an firewall, and I have only basic english knowledge, I'm not totally sure about I can and I can not do, even since I read the tutorials, because my english skills aren't good enough. The "IN" and "OUT" stuff is very confusing for me yet. But thankz a lot, it's working now. Hugs, Alaor Neto _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
