/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! */ On Mon, 8 Nov 1999, Vic Hou wrote: > I mean that node in the internal network(192.168.1.2~254) ONLY can > retrieve POP3 , via 192.168.1.1 (my ip-masquerading machine ?), > but can not access other Internet resource such as WWW, News....so > on ? > > ========= > ipfwamd -F -f > ipfwamd -F -a m -P tcp -S 192.168.1.0/24 110 -D -b > ipfwamd -F -a deny -S 192.168.1.0/24 110 -D The client traffic will not be *from* port 110. There are also syntax errors apart from the obvious "ipfwamd". Try: ipfwadm -F -f ipfwadm -F -a m -P tcp -S 192.168.1.0/24 -D 0.0.0.0/0 110 -W ppp0 ipfwadm -F -a deny -S 192.168.1.0/24 -W ppp0 -l ...and for the "ppp0" substitute whatever interface the Internet is on. -- John Hardin KA7OHZ ICQ#15735746 http://www.wolfenet.com/~jhardin/ [EMAIL PROTECTED] pgpk -a finger://gonzo.wolfenet.com/jhardin 768: 0x41EA94F5 - A3 0C 5B C2 EF 0D 2C E5 E9 BF C8 33 A7 A9 CE 76 1024: 0xB8732E79 - 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 ----------------------------------------------------------------------- Monty Python's Star Trek Voyager: A successful trans-warp experiment turns Paris and Janeway into newts, but they get better. ...wait a minute... It's already been done... ----------------------------------------------------------------------- 9 days until Leonid meteor shower _______________________________________________ Masq maillist - [EMAIL PROTECTED] Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES UNSUBSCRIBING! or email to [EMAIL PROTECTED] PLEASE read the HOWTO and search the archives before posting. You can start your search at http://www.indyramp.com/masq/ Please keep general linux/unix/pc/internet questions off the list.
