Mailing List Archive

Support open source code!


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

tlug: IP forwarding




OK, I've got my server here with eth0 going to the outside world and eth1
going to a private network using IP masquerading.  ipfwadm is working
perfectly with the rule:

IP firewall forward rules, default policy: deny
type  prot source               destination          ports
acc/m all  192.168.1.0/24       anywhere             n/a


Now, I want to block 192.168.1.0/24 from accessing web sites directly - I
want them to use my proxy server.  So I added the rules:

deny  tcp  192.168.1.0/24       anywhere             any -> http
rej   tcp  192.168.1.0/24       anywhere             any -> http

but, there's no change in behavior.  The masq systems can still do it.  Do
Ineed to say deny/m and rej/m?  I'll try it, but.. if anyone else has any
hints...

--------------------------------------------------
Scott M. Stone <sstone@example.com, sstone@example.com>
               <sstone@example.com>
Linux Developer/Systems Administrator for Pacific HiTech, Inc. 
http://www.pht.com		http://armadillo.pht.co.jp
http://www.pht.co.jp	        http://www.turbolinux.com


---------------------------------------------------------------
Next TLUG Meeting: 11 April Sat, Tokyo Station Yaesu gate 12:30
Featuring Tague Griffith of Netscape i18n talking on source code
---------------------------------------------------------------
a word from the sponsor:
TWICS - Japan's First Public-Access Internet System
www.twics.com  info@example.com  Tel:03-3351-5977  Fax:03-3353-6096



Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links