Hi,
I just want to know how to handle properly packets which pass through
the firewall...
I can handle for all packets coming to all interface of my firewall and
the same with outgoing packets by using in/out with statement "on
$interface"
But what about forwarding packets ?
With iptables
we can set a rule: iptables -t filter -A FORWARD -i eth0 -o eth1 etc....
With packet filter how can I have a such way of processing my packet ?
If a setup a rule pass in on $if_internal inet proto tcp \
from $internal_networks to any \
flags S/SA modulate state
The packet from my internal networks can also exit on my DMZ interfaces !
Is the only way to setup that is to specify a destination with
! { $dmz_networks1, $dmz_networks2 } ?
Thx for any help.
Regards
Guillaume
--
Guillaume
E-mail: silencer_<at>_free-4ever_<dot>_net
Blog: http://guillaume.free-4ever.net
----
Site: http://www.free-4ever.net
_______________________________________________
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
