Tim wrote: > Ok, here's the relevant information: [sni] > rc.masq > ======= > /sbin/ipfwadm -F -f > /sbin/ipfwadm -F -a accept -b -S 192.168.200.0/255.255.255.0 -D >192.168.100.0/255.255.255.0 > /sbin/ipfwadm -F -a m -S 192.168.200.9/255.255.255.255 -D 0.0.0.0/0 Note: this will still masquerade packets which are sent between different hosts on the same network. The first rule will only apply when one end is on the 100 network and the other is on the 200 network, but not when both hosts are on the same network. Unless there is some compelling reason to the contrary, it would probably be better to treat the whole of 192.168.* as a single network for this purpose, i.e. /sbin/ipfwadm -F -a accept -S 192.168.0.0/16 -D 192.168.0.0/16 /sbin/ipfwadm -F -m -a accept -S 192.168.0.0/16 -- Glynn Clements <[EMAIL PROTECTED]> - To unsubscribe from this list: send the line "unsubscribe linux-net" in the body of a message to [EMAIL PROTECTED]
