ipfw

[Tomas TPS Ulej]

JH> 00050 divert 8668 ip from any to any via xl0
JH> 00100 allow ip from any to any via lo0
JH> 00200 deny ip from any to 127.0.0.0/8
JH> 65000 allow ip from any to any
JH> 65535 deny ip from any to any

JH> (interni sit 192.168.1.0, pakety ktere jdou ven prochazeji skrz maskaradu)

JH> Nyni muze vem kazde ip z interni site.Chtel jsem pristup ven omezit treba
JH> jenom na ip 192.168.1.10
JH> smazal jsem proto pravidlo 65000 a pridal pravidla:
JH> 00300 allow ip from 192.168.1.10 to any
JH> 00400 allow ip from any to 192.168.1.10
JH> bohuzel vsak toto nefuguje.
JH> Nevite prosim nekdo, jake pravidlo bych mel jeste pridat, aby mohl pocitac
JH> 192.168.1.10 ven?

co tak

00050 divert 8668 ip from 192.168.1.10 to any via xl0 ?
00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
65000 allow ip from any to any
65535 deny ip from any to any

vnutorne IP mozu ist na vsetky ostatne vnutorne IP.. 1.10 sa divertuje
aj von...

--
TPS