IPFW via command problem
Ian Moore
imoore at picknowl.com.au
Sat Dec 13 22:49:32 PST 2003
Hi,
I'm setting up a firewall on a dual homed host for an ADSL connection.
I'm using 4.8-RELEASE, cvsupped to the latest RELENG_4_8 as of late October
2003.
I've followed the instructions at
http://www.mostgraveconcern.com/freebsd/ipfw.html for setting up the
firewall, which supposedly work, but seem to be having a problem with the via
command
eg lines like
# Allow outgoing pings
${fwcmd} add pass icmp from any to any icmptypes 8 out via ${oif}
${fwcmd} add pass icmp from any to any icmptypes 0 in via ${oif}
where I have defined ${oif} as
oif="xl1"
where xl1 is my external interface
The above lines don't allow pings to the outside world, but if I comment out
via ${oif} then it does allow them.
This seems to be true of all the lines with via in them - they don't work.
I tried substituting the actual IP address for the interface name, but that
didn't work either.
I can't figure out why via doesn't work - anyone have any clues as to why it
wouldn't function?
Cheers,
Ian
More information about the freebsd-questions
mailing list