On Mon, 10 Jul 2000, Colin wrote:
> I found this rule was the problem using ipfw show (a very useful command
> when you're building a ruleset to see what is blocking you) which is why I
> moved it. My concern is that it shouldn't block packets from an external
> source (eg www.FreeBSD.org ;) to 192.168.0.0/24. It should only block packets
> from that network incoming on the external interface. I understood natd would
> alter the dest addr on the inbound packet if it was in the table but not touch
> the source addr. Is this not the case? Or am I missing something obvious in
> the operation?
Don't forget about the return packets :)
Doug White | FreeBSD: The Power to Serve
[EMAIL PROTECTED] | www.FreeBSD.org
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-stable" in the body of the message
