[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: don't get it...



On Sun, Nov 17, 2002 at 01:35:59PM +0100, Saad Kadhi wrote:
> On Sun, Nov 17, 2002 at 01:20:32PM +0100, Matijs wrote:
> > So I should use any or mention both the external AND the internal? It seems
> > to me that if I block everything coming in on the external interface no
> > package should ever come through.
erm. of course I meant:
   internal_host="192.168.1.1/32"
   pass in on $ext_if proto tcp from 123.123.123.123/32 to $internal_host port \
   1234 keep state
-- 
Saad Kadhi -- [saad@docisland.org] [bsdguy@docisland.org]
[pgp keyid: 35592A6D http://pgp.mit.edu]
[pgp fingerprint: BF7D D73E 1FCF 4B4F AF63  65EB 34F1 DBBF 3559 2A6D]
---
Can't fight the Systemagic
Uber tragic