On Sunday 19 October 2003 5:19 pm, you wrote: > First, as somebody else suggested, either use numbers on every rule > or none at all. Second, you want to keep-state only on setup, not > on every tcp packet going in either direction, as that will be wide > open. Third, you don't seem to have any rule allowing udp, so dns > lookups are not likely to work. Fourth, did you actually put the > rules into effect? If so, you should see entries in the logs when > packets are denied. Fifth, the rule with 192.168 in it will never > fire, as the address will have been translated by natd before it > gets there. > > Doing ipfw list will show you the rules that exist, and ipfw -atde list > will show you which rules have matched and when.
Hmm .. Ok thanks again for your reply. I probably understood 5% of that though ;) I will go and search on google for some of the pointers you've given me .. but I am finding this really hard..it took me absolutely ages just to get that far. Once again thanks for your help! _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
