I use Dynamic rulesets with IPFW:
ipfw add check-state
ipfw add deny tcp from any to any established
ipfw add allow tcp from my-net to any setup keep-state
But I also have services I need anyone on the net to get to, without me makin
g a connection first from my-net . I allow such
Date: Tue, 16 Jul 2002 22:09:09 -0600
Message-Id: [EMAIL PROTECTED]
X-Mailer: Open WebMail 1.70 20020712
X-OriginatingIP: 127.0.0.1 (campbell)
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
I use no check-states, just keep-state, and only
for DNS, soo,
${fwcmd} add pass tcp from