NAT+IPFW
Nikolay Kanchev
nikolay.kanchev at amk-drives.bg
Thu May 22 22:42:30 PDT 2003
Sent: Friday, May 23, 2003 12:22 AM
Subject: NAT+IPFW
> Dear all
>
> I need to do the following
>
> I have a fbsd router that runs nat and routes some public IP addresses
>
> I ned to use the ipfw rules to deny traffic from the public IP's AND the
> nat o do bandwidth limiting
>
> eg
> deny tcp from 192.168.200.1 to www.yahoo.com http out
> and
> deny tcp from 24.199.213.1 to www.yahoo.com http out
>
> my questions are where do I place the rules in relation to the divert
rules etc
>
Hi
after divert packets to NAT interface IPFW continue to check next rules
after divert rule, therefore You should place your rules after divert rule.
Best regards
Nikolay Kanchev
More information about the freebsd-security
mailing list