Dan Nelson wrote:
me is me. Maybe the "recv | xmit | via {ifX | if* | ipno | any}" options will help? What exactly are you trying to allow/block?
My firewall rules are based on the 'simple' pattern in rc.firewall. I've got stuff like this to explicitly allow certain connections:
# ssh ${fwcmd} add pass tcp from any to ${oip} 22 setup ${fwcmd} add pass udp from any to ${oip} 22 ${fwcmd} add pass udp from ${oip} 22 to any # Allow DNS queries out in the world ${fwcmd} add pass udp from ${oip} to any 53 keep-state # Allow NTP queries out in the world ${fwcmd} add pass udp from ${oip} to any 123 keep-state where ${oip} is my external IP adress (ie. the one that changes every now and again) --Jon http://www.witchspace.com To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message