Re: ipfw ruleset question
Sounds like your spam-blocking rules include some packet-accepting rules. What does the ruleset look like? 100 divert natd all from any to any via ext_if rules from 150 to 500 are blocking rules for my firewall rules from 1000 and up are for my clients. My natd runs as 1:1 nat. what I need is: rules from 100 to 499 for blocking spam 500 divert natd all from any to any via ext_if and the rest is not important... I would like not all packets sending to nat, it some kind of disabling spam, and so on.. Have got any idea ? Thanks in advance Andrzej Kwiatkowski ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ipfw ruleset question
Andrzej Kwiatkowski [EMAIL PROTECTED] writes: I've got a bit strange problem.. My freeBSD works as NAT with natd. Whene rule divert 8668 ip from any to any via fxp0 is first everything is ok,but when i try to move this rule after some blocking spamer rules, my Nat won't work properly. Incoming traffic is well nated, but outgoing looks like not nated. sysctl net.inet.ip.fw.one_pass is set to 1. I try to set to 0 but nothings changed . Have any Idea ?? Sounds like your spam-blocking rules include some packet-accepting rules. What does the ruleset look like? ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ipfw ruleset question
Helo. I've got a bit strange problem.. My freeBSD works as NAT with natd. Whene rule divert 8668 ip from any to any via fxp0 is first everything is ok,but when i try to move this rule after some blocking spamer rules, my Nat won't work properly. Incoming traffic is well nated, but outgoing looks like not nated. sysctl net.inet.ip.fw.one_pass is set to 1. I try to set to 0 but nothings changed . Have any Idea ?? thanks in advance Andrzej Kwiatkowski ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
