Subject: Re: IPFiler ( ipf ) for dial-up and LAN
To: None <gillham@vaultron.com>
From: zuan . <me_izwan@hotmail.com>
List: port-i386
Date: 04/11/2002 20:42:37
>Look in /usr/share/examples/ipf/mediaone.
>Basically put this in /etc/ipnat.conf:
>map ppp0 192.168.1.0/24 -> 0/32 proxy port ftp ftp/tcp
>map ppp0 192.168.1.0/24 -> 0/32 portmap tcp/udp 1024:65535
>map ppp0 192.168.1.0/24 -> 0/32
>
>You also need to enable 'options GATEWAY' in your kernel, or add the
>following to /etc/sysctl.conf:
> net.inet.ip.forwarding=1
>
>Also in /etc/rc.conf:
> ipnat=YES
ermm i have that in my ipnat.conf
---
map ppp0 192.168.1.0/24 -> 0/32 proxy port ftp ftp/tcp
map ppp0 192.168.1.0/24 -> 0/32 portmap tcp/udp 40000:60000
map ppp0 192.168.1.0/24 -> 0/32
rdr ppp0 0.0.0.0/0 port 80 -> 192.168.1.123 port 80
rdr ppp0 0.0.0.0/0 21 ftp -> 192.168.1.10 21 ftp
---
what about ipf.conf ??
i try make some rules but it end up blocking my LAN from access the internet
so right now i only have this :
pass in quick on rtk0 all
pass out quick on rtk0 all
pass in quick on ppp0 all
pass out quick on ppp0 all
pass in quick on lo0 all
pass out quick on lo0 all
_________________________________________________________________
Send and receive Hotmail on your mobile device: http://mobile.msn.com