--------- Forwarded Message ---------
DATE: Tue, 25 Feb 2003 16:06:22
From: "Joshua Lokken" <[EMAIL PROTECTED]>
To: "Questions" <[EMAIL PROTECTED]>
Primary hard disk failed on my 4.7-release gateway (ipfw+natd) box last weekend, and I
had not backed things up properly. Attached is my ipfw ruleset. After the rebuild, I
rewrote things from memory.
When I remove the default deny rule from the list, NAT works fine, port redirections
and all, but with the deny rule in place, NAT isn't working, so I'm thinking I have a
rule in the wrong place. Can anyone point out any obvious missing/misplaced rules
here? Thanks much.
FreeBSD: The Power to Serve!
--------- End Forwarded Message ---------
My apologies for the missing attachment...
and for the M$ formatted file ;(
$fwcmd -f flush
$fwcmd add allow all from any to any via lo0
$fwcmd add divert natd all from any to any via $oif
$fwcmd add allow tcp from any to $oip 22,80,443,6346,22002,22003,22010 setup
$fwcmd add allow tcp from any to any established
$fwcmd add allow icmp from any to any icmptypes 3,4,11,12
$fwcmd add check-state
$fwcmd add allow ip from $oip to any keep-state out via $oif
$fwcmd add allow ip from $inwr to any keep-state via $iif
$fwcmd add 65435 deny log ip from any to any
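
Because the last rule in the ruleset is `deny log`, each packet it drops is written to the kernel log, and grouping those entries by protocol, direction and interface shows which traffic the earlier rules fail to pass. The script below is an added example, not part of the original message. The log line layout, the interface names (fxp0 outside, fxp1 inside) and all addresses in the sample are constructed assumptions.

```shell
#!/bin/sh
# Summarize packets dropped by one ipfw rule, reading syslog lines on stdin.
# Assumed line shape (sample data below is constructed, not from a real host):
#   <date> <host> /kernel: ipfw: 65435 Deny TCP 10.0.0.5:1045 198.51.100.7:80 out via fxp0
summarize_denies() {
    rule="$1"
    awk -v rule="$rule" '
        {
            # Find the "ipfw:" token; the fields after it are positional.
            for (i = 1; i <= NF; i++) if ($i == "ipfw:") break
            if (i > NF || $(i+1) != rule || $(i+2) != "Deny") next
            proto = $(i+3); sub(/:.*/, "", proto)   # "ICMP:8.0" -> "ICMP"
            dir = $(i+6); ifc = $(i+8)              # "in"/"out" and interface
            count[proto " " dir " via " ifc]++
        }
        END { for (k in count) printf "%d %s\n", count[k], k }
    ' | sort -k1,1nr -k2
}

# Constructed sample log: four drops by rule 65435 and one by another rule.
sample_log() {
    cat <<'EOF'
Feb 25 16:10:01 gw /kernel: ipfw: 65435 Deny TCP 192.168.1.10:1045 198.51.100.7:80 out via fxp0
Feb 25 16:10:04 gw /kernel: ipfw: 65435 Deny TCP 192.168.1.10:1046 198.51.100.7:80 out via fxp0
Feb 25 16:10:05 gw /kernel: ipfw: 65435 Deny UDP 198.51.100.53:53 203.0.113.5:1030 in via fxp0
Feb 25 16:10:09 gw /kernel: ipfw: 65435 Deny ICMP:8.0 192.168.1.10 198.51.100.7 in via fxp1
Feb 25 16:10:11 gw /kernel: ipfw: 500 Deny TCP 198.51.100.9:4000 203.0.113.5:25 in via fxp0
EOF
}

# On a live gateway, feed the real log instead, for example:
#   summarize_denies 65435 < /var/log/security
sample_log | summarize_denies 65435
```

Each output line is a count followed by protocol, direction and interface, sorted with the most frequent drop first.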