Dan Nelson wrote:
> me is me. Maybe the "recv | xmit | via {ifX | if* | ipno | any}"
> options will help? What exactly are you trying to allow/block?

My firewall rules are based on the 'simple' pattern in rc.firewall.
I've got stuff like this to explicitly allow certain connections:
# ssh
${fwcmd} add pass tcp from any to ${oip} 22 setup
${fwcmd} add pass udp from any to ${oip} 22
${fwcmd} add pass udp from ${oip} 22 to any
# Allow DNS queries out in the world
${fwcmd} add pass udp from ${oip} to any 53 keep-state
# Allow NTP queries out in the world
${fwcmd} add pass udp from ${oip} to any 123 keep-state
where ${oip} is my external IP address (i.e. the one that changes
every now and again)
--Jon
http://www.witchspace.com