Subject: Re: Firewall rules for NAT w/ DHCP outside address
From: Sam Carleton <email@example.com>
Date: 07/21/2001 04:25:25

Thank you. I have two more questions:

1: I am a bit confused about dealing with the NAT/DHCP issue. What has me
stumped is that if I want to do a:

    block in log quick on tun0 proto tcp from any to <internal network> port = 23
    block out log quick on tun0 proto tcp from <internal network> to any port = 23

What do I put in for the internal network? The IP is assigned via DHCP. Is
my only choice to use any?

2: I need to redirect some incoming requests. I am running a web server and
mail server on a machine behind the firewall and I would like incoming
requests to be redirected to that machine. How do I configure NAT to do that?

gabriel rosenkoetter wrote:
> On Fri, Jul 20, 2001 at 07:15:26PM -0400, Sam Carleton wrote:
> > block in log quick on tun0 proto tcp from any to 220.127.116.11/24 port = 23
> > I simply want to block incoming port 23 to the tun0 interface, how do I
> > go about doing that? For that matter, I would like to block ALL traffic
> > on tun0 of port 23.
> Presuming you do want the tcp part included and understand (and
> want) quick:
> block in log quick on tun0 proto tcp from any to any port = 23
> ~ g r @ eclipsed.net