Micheal Patterson wrote:
----- Original Message -----
From: "Norm Vilmer" <[EMAIL PROTECTED]>
To: "Micheal Patterson" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Friday, September 17, 2004 10:30 AM
Subject: Re: Too many dynamic rules, sorry
<snip>
I do have a check-state rule
add 00200 check-state
Norm Vilmer
Ok. Then right above the check-state entry, place an
allow ip from 123.123.123/24 to 123.123.123./24
Replace the ip's with the appropriate network/metric for your lan and that
will allow lan traffic to go to itself unhindered by any stateful checks.
--
Micheal Patterson
TSG Network Administration
405-917-0600
Confidentiality Notice: This e-mail message, including any attachments,
is for the sole use of the intended recipient(s) and may contain
confidential and privileged information. Any unauthorized review, use,
disclosure or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message.
would this be the same?
add 00200 allow all from any to any via ${iif} keep-state
add 00210 check-state
_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
