[prev in list] [next in list] [prev in thread] [next in thread]
List: freebsd-ipfw
Subject: Re: 4.1.1 rc.firewall
From: Ruslan Ermilov <ru () sunbay ! com>
Date: 2000-09-29 6:50:13
[Download RAW message or body]
On Thu, Sep 28, 2000 at 01:48:18PM -0400, Forrest Aldrich wrote:
> Any reason why these rules are repated (2 times) in /etc/rc.firewall... or
> is it a typo.
>
>
> # Stop draft-manning-dsua-03.txt (1 May 2000) nets (includes RESERVED-1,
> # DHCP auto-configuration, NET-TEST, MULTICAST (class D), and class E)
> # on the outside interface
> ${fwcmd} add deny all from 0.0.0.0/8 to any via ${oif}
> ${fwcmd} add deny all from 169.254.0.0/16 to any via ${oif}
> ${fwcmd} add deny all from 192.0.2.0/24 to any via ${oif}
> ${fwcmd} add deny all from 224.0.0.0/4 to any via ${oif}
> ${fwcmd} add deny all from 240.0.0.0/4 to any via ${oif}
>
They are not repeated twice, they just broken into two parts, first before NAT,
and second after NAT.
--
Ruslan Ermilov Oracle Developer/DBA,
ru@sunbay.com Sunbay Software AG,
ru@FreeBSD.org FreeBSD committer,
+380.652.512.251 Simferopol, Ukraine
http://www.FreeBSD.org The Power To Serve
http://www.oracle.com Enabling The Information Age
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic