IPFW.

Dan dan at ntlbusiness.com
Sun Oct 19 09:22:34 PDT 2003


On Sunday 19 October 2003 5:19 pm, you wrote:
> First, as somebody else suggested, either use numbers on every rule
> or none at all.  Second, you want to keep-state only on setup, not
> on every tcp packet going in either direction, as that will be wide
> open.  Third, you don't seem to have any rule allowing udp, so dns
> lookups are not likely to work.  Fourth, did you actually put the
> rules into effect?  If so, you should see entries in the logs when
> packets are denied.  Fifth, the rule with 192.168 in it will never
> fire, as the address will have been translated by natd before it
> gets there.
>
> Doing ipfw list will show you the rules that exist, and ipfw -atde list
> will show you which rules have matched and when.

Hmm .. Ok thanks again for your reply.
I probably understood 5% of that though ;)
I will go and search on Google for some of the pointers you've given me .. but 
I am finding this really hard .. it took me absolutely ages just to get that 
far.

Once again thanks for your help!
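
The checkable points in the quoted advice (the first, second, third and fifth), written as a small ruleset linter. This is an added example, not part of the original message or thread; the sample ruleset, the finding names and the interface `ed0` are constructed, and the 192.168 check is a simple heuristic that follows the reply's wording.

```python
ALLOW = {"allow", "accept", "pass", "permit"}
PROTOS = {"tcp", "udp", "icmp", "ip", "all"}

# Constructed sample ruleset (not from the thread); ed0 is an assumed interface.
SAMPLE = """\
ipfw add 100 divert natd all from any to any via ed0
ipfw add allow tcp from any to any keep-state
ipfw add 300 allow tcp from 192.168.0.0/16 to any 80 setup keep-state
ipfw add 65000 deny log all from any to any
"""

def parse(text):
    """Yield (lineno, numbered, tokens from the action onward) per 'add' rule."""
    for n, line in enumerate(text.splitlines(), 1):
        toks = line.split("#", 1)[0].split()
        if "add" not in toks:
            continue
        toks = toks[toks.index("add") + 1:]
        numbered = bool(toks) and toks[0].isdigit()
        yield n, numbered, toks[1:] if numbered else toks

def lint(text):
    """Return [(lineno, finding)]; lineno 0 marks a ruleset-wide finding."""
    rules = list(parse(text))
    findings = []
    # Point 1: number every rule or none.
    if len({numbered for _, numbered, _ in rules}) > 1:
        findings.append((0, "mixed-numbering"))
    seen_divert = udp_allowed = False
    for n, _, toks in rules:
        action = toks[0] if toks else ""
        proto = next((t for t in toks[1:] if t in PROTOS), None)
        # Point 2: keep-state on a tcp rule without setup matches every packet.
        if proto == "tcp" and "keep-state" in toks and "setup" not in toks:
            findings.append((n, "keep-state-without-setup"))
        # Point 3: is udp (or all IP traffic) allowed by any rule?
        if action in ALLOW and proto in {"udp", "ip", "all"}:
            udp_allowed = True
        # Point 5 (heuristic): 192.168 address in a rule placed after divert.
        if seen_divert and any(t.startswith("192.168.") for t in toks):
            findings.append((n, "private-address-after-natd"))
        seen_divert = seen_divert or action == "divert"
    if not udp_allowed:
        findings.append((0, "no-udp-rule"))
    return findings

if __name__ == "__main__":
    print(lint(SAMPLE))
```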

