On Jul 18, 2011, at 12:17 PM, David van Rensburg - PC Network wrote:
> In can mean traffic going from the lan to the internet AND from the
> internet to the lan because either way it goes into the box as it flows
> through the box, correct?
Yes, I think so. Most people seem to prefer to use "recv
On Jul 18, 2011, at 10:41 AM, David van Rensburg - PC Network wrote:
> I've been having a problem with ipfw and nat. I can get nat to work but I want
> the following:
> My lan must only have access to outgoing port 80
For web access to be useful for most cases, you also need to permit 443 for
HTT
>
>Ok so why can't I resolve names here.. I've added rule 20 and 21
I've deleted rule 60 then I can't telnet mailserver 25 so the set seems to
be working...
[root@bsd ~]# ipfw show
5 589 53220 allow ip from any to any via alc0
00010 0 0 allow ip from any to any via lo0
00011 0 0 fwd
On Jul 18, 2011, at 11:53 AM, David van Rensburg - PC Network wrote:
> Yes sorry - I suppose I was assuming that goes without saying.
Well, you can't design working firewall rulesets with unstated requirements.
> Will open 443 for https and close 80 and do a transparent squid proxy
> which I got