filtering aliasIP from the primaryIP with IPF

From: Roisin Murphy (Roisin.Murphy_at_gmail.com)
Date: 09/30/04

  • Next message: ict technician: "broken fs dump file" 
    Date: Thu, 30 Sep 2004 01:14:52 -0700
To: freebsd-questions@freebsd.org

    hi

    my freebsd machine is 192.168.1.34 with one jail running on
    192.168.1.35 (dc0_alias), and i have one more separate win2k box:
    192.168.1.33, i want to filter that jail with ipf, so that it cannot
    access anything running on that win2k machine and anything bind to the
    primary fbsd IP, but i want to be still able to ssh into that .35 jail
    filtering the win2k box worked as expected:
    pass in quick on dc0 proto tcp from 192.168.1.33 to 192.168.1.35 port
    = 22 flags S keep state
    block out quick on dc0 proto tcp/udp from 192.168.1.35 to 192.168.1.33
    keep state keep frags
    but that primary fbsd IP, since its the same dc0 interface, i dont
    know how to write that rule... anyone?

    thanks
    _______________________________________________
    freebsd-questions@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-questions
    To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"

  • Next message: ict technician: "broken fs dump file"

    Relevant Pages