Subject: Re: ipf rules for NAT with non-trusted private net
To: Daniel Eggert <danieleggert@mac.com>
From: Manuel Bouyer <bouyer@antioche.eu.org>
List: netbsd-help
Date: 11/18/2002 22:47:29
On Mon, Nov 18, 2002 at 01:22:19AM -0800, Daniel Eggert wrote:
> I'm running NAT and have a private subnet 192.168.0.0/24, but in contrast to the case usually described in the documentation, my private subnet is _not_ trusted.
> 
> My question: How should I set up my ipf rules for the nic that connects the 192.168.0.0/24 network? I want to allow all traffic to my ISP, but nothing to my NetBSD box.
> 
> I have set up the rules to block all unwanted traffic coming in from my ISP. That part works like a charm.

Just do the same on the other part: copy the rules, change the interface
name and IP address.

-- 
Manuel Bouyer <bouyer@antioche.eu.org>
     NetBSD: 23 years of experience will always make the difference
--
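
The approach from the reply above, sketched as an ipf.conf fragment for the private-side interface. This is an added example, not part of the original thread. The interface name fxp1, the box's inside address 192.168.0.1 and its outside address 203.0.113.10 are assumptions to be replaced with the real values.

```conf
# ipf.conf fragment for the interface facing the untrusted 192.168.0.0/24 net.
# Assumed (not from the thread): fxp1 = private-side NIC,
# 192.168.0.1 = the NetBSD box on that net, 203.0.113.10 = its ISP-side address.

# Nothing from the private net may reach the box itself. Clients can also
# address the box by its outside address, so that one is blocked here too.
block in quick on fxp1 from any to 192.168.0.1/32
block in quick on fxp1 from any to 203.0.113.10/32

# Broadcasts are delivered to the box as well, so drop them before the pass rules.
block in quick on fxp1 from any to 192.168.0.255/32
block in quick on fxp1 from any to 255.255.255.255/32

# Everything else sourced from the private net is forwarded towards the ISP.
# keep state lets the replies back in without a separate pass rule.
pass in quick on fxp1 proto tcp from 192.168.0.0/24 to any flags S/SA keep state
pass in quick on fxp1 proto udp from 192.168.0.0/24 to any keep state
pass in quick on fxp1 proto icmp from 192.168.0.0/24 to any keep state

# Anything left over, including packets with a spoofed source address, is dropped.
block in quick on fxp1 all
```

The block rules must come before the pass rules because `quick` stops evaluation at the first match.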