On Apr 14, 2015, at 2:09 PM, hiren panchasara <hi...@strugglingcoder.info> wrote: > Apologies if this is something silly but I want to completely eliminate > ipfw from outgoing traffic perspective. I just want to have it on > incoming. I can always add "allow ip from any to any out" as the first > rule but that is still ipfw doing something. > > Is there a way to tell ipfw to not look at outbound traffic at all? > > OR, the rule I mentioned is the best that can be done here?
Blocking outbound traffic can be more important to security than blocking inbound traffic-- for one reason, see BCP 38 / RFC-2827. The rule you've suggested is the best that can be done, aside from disabling IPFW entirely. Regards, -- -Chuck _______________________________________________ freebsd-ipfw@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"
