On Sun, Sep 14, 2003 at 11:52:40PM -0400, Bob Hall wrote:
> On Sun, Sep 14, 2003 at 05:27:15PM +0800, Robert Storey 
> > Dear All,
> > 
> > I'm having a hard time configuring a firewall. I ALMOST 
understand it,
> > but I've run into one problem. I think I don't actually 
have my
> > /etc/rc.firewall set up properly. Maybe I don't really 
understand what
> > the "ip" setting should be, and I've made it the same as 
my "net"
> > setting. Anyway, what I can say is that with the 
configuration I have, I
> > can access my internal (ethernet) network, but ppp is 
totally blocked,
> > which of course I don't want.
> Could you be more specific about what doesn't work? Have 
you tried ping 
> and traceroute? nslookup? HTTP? Sometimes when people are 
having trouble, 
> it turns out that they are having trouble with specific 
apps, but 
> otherwise can connect successfully.
> It looks like you're using the CLIENT ruleset from the 
default rc.firewall. 
> If this firewall is for a LAN, you will have more success 
with the SIMPLE 
> ruleset. (I made the same mistake the first time I set up a 
LAN firewall.)

I forgot to mention that this is intended as a supplement to 
the previous 
responses. In particular, it looks like you need to set up 
NAT. If that's 
not set up, then nothing will work.

Bob Hall
