My firewall script is a typical "David Ranch" script.

My input section now denies all FTP and TELNET protocol on eth0 (WAN) after a hacker made his way in.

My Forward section masquerades -S 0/0 -D WAN_IP_ADDR

I want to use telnet and ftp within my 10.0.1.0/24 subnet to go directly to my eth1 (local) interface.

Using TCPDUMP, I found that my local requests are masq'd, then forwarded to my eth0, where my input rule denies them.

So I thought that I could avoid masquerading my local traffic and keep it within my subnet. I tried to add a line in my forward section as follows, but it does not work:

    ipfwadm -F -a accept -S 10.0.1.0/24 -D 10.0.1.221 -W eth1   # 10.0.1.221 = my linux server

Am I getting into an infinite loop?

Thanks

Paolo Illing
PAGA Software Inc.
21 Abilene Drive, Toronto, ON M9A 2M7
Tel: +1 (416) 232 0711
http://www.paga.com
[EMAIL PROTECTED]

_______________________________________________
Masq maillist - [EMAIL PROTECTED]
