block all vs. explicit blocks
From: Archevis (archevis_at_hotmail.com)
Date: 08/23/04
- Next message: Marco S Hyman: "Re: block all vs. explicit blocks"
- Previous message: MetalHead: "Re: Where is my BSD CD???"
- Next in thread: Marco S Hyman: "Re: block all vs. explicit blocks"
- Reply: Marco S Hyman: "Re: block all vs. explicit blocks"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: 22 Aug 2004 16:14:30 -0700
I have an OpenBSD 3.5 firewall with two network interfaces (rl0 & xl0)
at work. Been struggling with setting up a VPN service for several
days now, and finally got it working. However, the last problem I had
got me quite puzzled.
It turns out that while I can ping every machine on the office
network, no TCP services are available when I use the "block all"
directive. But it all works perfectly if I swap "block all" with:
    block in on xl0 all
    block out on xl0 all
    block in on rl0 all
    block out on rl0 all
What is the difference here? It seems obvious that I have opened up
something which was originally closed, but exactly what did I open...?
- 4rch3v15.