First of all, thanks for the assistance!

Glynn Clements wrote:
> 
> > ipfwadm -I -a deny aaa.bbb.ccc.ddd -S 192.168.1.0/24 -D 0.0.0.0/0
> > ipfwadm -I -a deny aaa.bbb.ccc.ddd -s aaa.bbb.ccc.ddd -D 0.0.0.0/0
> 
> This syntax is bogus. Did you mean to have a -V in there somewhere?

Ummm, yup.  I dropped it when I copied that line from a book!  If I remember to include
the -V in there before the aaa.bbb.ccc.ddd would it then deny packets with the
192.168.1.0/24 network address from coming in the aaa.bbb.ccc.ddd interface?

> Your original rules are OK, although I would add an interface
> specification, i.e.
> 
>         ipfwadm -F -p deny
>         ipfwadm -F -a m -S 192.168.1.0/24 -W eth1
> 
> (assuming that eth1 is the external interface).

What does the -W eth1 do?  Does it tell it to only Masquerade from the eth1?  So if
eth1 was connected to the local network (192.168.1.0) then only packets coming in that
interface would be masqueraded.


--
Chuck Gadd