I have a very simple firewall - it *blocks everything*, and the only
traffic that is allowed is for internal clients to make outbound
connections to tcp port 40.
Also, internal clients can ping/traceroute.
But that's it - no other connections in or out are allowed. I have this
ruleset and i
On Tue, 9 Sep 2014, Ian Smith wrote:
On Tue, 9 Sep 2014 19:33:05, Ian Smith wrote:
> add 1000 divert natd ip from any to any in recv xl0
> add 2000 divert natd ip from any to any out xmit xl0
Oops, 'ip' should nowadays be 'ip4|ipv4' for divert rules, if ip6 is
configured on that interface
Hi Ryan,
Thanks for responding.
Just for the record, I removed my natd and ipdivert lines, so that
sshuttle's divert rules were the only rules on the system ... I made my
system work without my own natd/divert by putting some static route
definitions into rc.conf.
Anyway, it still worked fi
Hello,
For many years I would build FreeBSD firewalls and they would be very,
very simple - I just set gateway_enable="yes" in rc.conf and everything
just worked.
However, these firewalls *always* had real, routable IPs on both sides.
Both interfaces had real, routable IPs.
Now I have a f
I would like to use sshuttle (http://github.com/apenwarr/sshuttle) on
FreeBSD.
I have it working for TCP connections, but it does not properly tunnel DNS
requests. The documentation for sshuttle says that ipfw forward rules
will not properly forward UDP packets, and so when it runs on FreeB