Sorry about last message...!! I am experimenting with IPFW firewalls and have hit a roadblock. I am trying to allow ssh, mail, dns requests, pings and traceroutes out, but not in and webmin (port 10000). I am hitting a roadblock on mail and pings out. Hope someone can help me...I am new to this and don't understand firewall rules syntax fully. I have funded my own lab to experiment with this fun and powerful stuff...
Some more notes. Firewall: two interfaces

fxp0: 192.168.0.2/29 connected to router connected to DSL demarc (eventually I will get rid of this router and replace with BSD firewall, but for now, I need for it to stay...partly because I can only experiment with one thing at a time and because I have wireless laptops that connect to this router.:-)

fxp1: 192.168.1.1/255.255.255.0: is gateway for 10 other hosts all in the 192.168.1 network.

Rules I am using:

> add 21 deny log all from any to any in frag via fxp0
> add 1000 allow tcp from any to any established
> add 2000 allow tcp from any to 192.168.0.0/29 22,25,10000 setup
> add 3000 allow udp from 192.168.0.0/29 to any 53
> add 4000 allow udp from any 53 to 192.168.0.0/29
> add 5000 pass all from any to any via lo0
> add 6000 pass all from any to 127.0.0.0/8

Would appreciate comments on what this simple rules file should look like. thx!

=====
Will Williams
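Added example, not part of the original post: a simplified first-match model of the posted rules in Python, showing which rule decides a few constructed packets. It assumes the kernel default rule 65535 is deny, uses 203.0.113.0/24 documentation addresses as stand-ins for outside hosts, and evaluates each packet once rather than on every interface pass; it is not an ipfw parser.

```python
from ipaddress import ip_address, ip_network

WAN = ip_network("192.168.0.0/29")  # fxp0 network from the post

# The posted rules as (number, action, match). A key missing from the match
# means "any". Simplified model, not an ipfw parser.
RULES = [
    (21, "deny", {"frag": True, "dir": "in", "via": "fxp0"}),
    (1000, "allow", {"proto": "tcp", "tcp": "established"}),
    (2000, "allow", {"proto": "tcp", "dst": WAN,
                     "dport": {22, 25, 10000}, "tcp": "setup"}),
    (3000, "allow", {"proto": "udp", "src": WAN, "dport": {53}}),
    (4000, "allow", {"proto": "udp", "sport": {53}, "dst": WAN}),
    (5000, "allow", {"via": "lo0"}),
    (6000, "allow", {"dst": ip_network("127.0.0.0/8")}),
    (65535, "deny", {}),  # assumption: kernel default rule is deny
]

def matches(match, pkt):
    """True when every field named in the rule agrees with the packet."""
    for key, want in match.items():
        have = pkt.get(key)
        if key in ("src", "dst"):
            if ip_address(have) not in want:
                return False
        elif key in ("sport", "dport"):
            if have not in want:
                return False
        elif have != want:
            return False
    return True

def verdict(pkt):
    """ipfw is first-match: return (rule number, action) of the first hit."""
    return next((n, act) for n, act, m in RULES if matches(m, pkt))

def pkt(proto, src, dst, **kw):
    return {"proto": proto, "src": src, "dst": dst, "via": "fxp0", **kw}

# Constructed sample packets; FW is the firewall's fxp0 address from the post.
FW, OUT = "192.168.0.2", "203.0.113.10"
PACKETS = {
    "smtp_out": pkt("tcp", FW, OUT, dport=25, tcp="setup", dir="out"),
    "smtp_reply": pkt("tcp", OUT, FW, sport=25, tcp="established", dir="in"),
    "ping_out": pkt("icmp", FW, OUT, dir="out"),
    "dns_out": pkt("udp", FW, OUT, dport=53, dir="out"),
    "ssh_in": pkt("tcp", OUT, FW, dport=22, tcp="setup", dir="in"),
    "lan_dns": pkt("udp", "192.168.1.10", OUT, dport=53, dir="in", via="fxp1"),
}
if __name__ == "__main__":
    for name, p in PACKETS.items():
        print(name, verdict(p))
```

In this model the outbound SMTP SYN and the outbound ping reach the default rule, while an inbound SSH SYN to 192.168.0.2 is accepted by rule 2000.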