Gaby vanhegan wrote: > $if_in="xl0"
$if_out="xl1" pass in on $if_in keep state pass out on $if_out keep state
Ok, let's stick to that example. Imagine a firewall having three interfaces connecting Internet, LAN and DMZ. When I would like to allow SMTP traffic to my mail server in the DMZ, from LAN _and_ Internet, where would you filter?
Thanks, -- Stephan A. Rickauer ---------------------------- Institut f|r Neuroinformatik Universitdt / ETH Z|rich Winterthurerstriasse 190 CH-8057 Z|rich Tel: +41 44 635 30 50 Sek: +41 44 635 30 52 Fax: +41 44 635 30 53 http://www.ini.ethz.ch ----------------------------
