Erik Norgaard wrote:
B H wrote:
You have nat?
Yes, and it's working.
are you routing traffic?
Yes.
from where to where are you trying to connect,
From the outside and in.
From outside and in means from somewhere on the internet to the
external interface on our fw? or to a natted
B H wrote:
Now IPFilter does not work or is VERY slow, ssh, web and mail time out.
NAT is working like it should.
# dmesg | grep 'IP Filter'
IP Filter: v3.4.35 initialized. Default = pass all, Logging = enabled
ipf.rules looks like this:
# Let clients behind the firewall send out to the
Erik Norgaard wrote:
B H wrote:
Now IPFilter does not work or is VERY slow, ssh, web and mail time out.
NAT is working like it should.
# dmesg | grep 'IP Filter'
IP Filter: v3.4.35 initialized. Default = pass all, Logging = enabled
ipf.rules looks like this:
# Let clients behind the
B H wrote:
You have nat?
Yes, and it's working.
are you routing traffic?
Yes.
from where to where are you trying to connect,
From the outside and in.
From outside and in means from somewhere on the internet to the external
interface on our fw? or to a natted server inside?
The
Your firewall rules are pretty much useless.
Your default is to pass everything that does not match a rule.
So other than those block rules everything is allowed out and in.
This means your slowness problem has nothing to do with your
firewall.
Read the handbook for ipfilter sample rule set if
Erik Norgaard wrote:
B H wrote:
From outside and in means from somewhere on the internet to the
external interface on our fw?
Yes.
or to a natted server inside?
No.
The outside ip is not in the range 82.182.0.0/16? you have blocked
everything from that address space, first in-rule.