Hi,

Mine has 3 NICs: LAN, WAN, OPT1. Everything is working fine. However, I have a problem setting up a rule. OPT1 (WiFi) should be able to connect to the mail server, which resides on the LAN. Any suggestions on this?

TIA.

-hendro-

Interfaces

xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=1<RXCSUM>
        inet 192.168.0.76 netmask 0xffffff00 broadcast 192.168.0.255
        ether 00:04:79:66:c6:af
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=40<POLLING>
        inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
        ether 00:50:ba:bd:3a:79
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
xl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=1<RXCSUM>
        inet xxx.xxx.xxx.xxx netmask 0xfffffff8 broadcast xxx.xxx.xxx.xxx
        ether 00:01:03:c2:53:68
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet 127.0.0.1 netmask 0xff000000

Routing tables

Routing tables

Internet:
Destination         Gateway            Flags  Refs    Use  Netif  Expire
default             xxx.xxx.xxx.xxx    UGSc      1  75735  xl1
127.0.0.1           127.0.0.1          UH        0      0  lo0
192.168.0           link#1             UC        6      0  xl0
192.168.0.1         00:50:04:12:a8:00  UHLW      0      6  xl0    1183
192.168.0.2         00:12:3f:76:9b:7f  UHLW      0     24  xl0    1188
192.168.0.4         00:0d:60:17:33:72  UHLW      1  70673  xl0    1194
192.168.0.178       00:0d:60:80:cf:77  UHLW      2  52368  xl0    1195
192.168.0.193       00:10:b5:11:a1:d6  UHLW      1  16672  xl0    1197
192.168.0.236       00:e0:18:00:00:03  UHLW      0    746  xl0    785
192.168.1           link#2             UC        6      0  rl0
192.168.1.1         00:50:ba:bd:3a:79  UHLW      0      0  lo0
192.168.1.8         00:c0:02:e3:a1:b4  UHLW      0      0  rl0
192.168.1.183       00:13:ce:cb:26:f9  UHLW      1   4291  rl0    1103
192.168.1.186       00:13:ce:ca:1a:f7  UHLW     24   8933  rl0    1024
192.168.1.187       00:0e:35:a8:0f:6f  UHLW      0    159  rl0    1129
192.168.1.192       00:13:02:02:a1:f7  UHLW      1  51632  rl0    799
xxx.xxx.xxx.xxx/29  link#3             UC        1      0  xl1
xxx.xxx.xxx.xxx     00:60:40:6f:56:b7  UHLW      2      0  xl1    1119

ipfw show

01000 544322 129854083 skipto 50000 ip from any to any not layer2 not via rl0
01001 766552 141488213 allow ip from any to any layer2 not via rl0
01100 3373 154420 allow ip from any to any layer2 mac-type 0x0806
01101 2138 98428 deny ip from any to any layer2 not mac-type 0x0800
01102 175953 72058945 skipto 20000 ip from any to any layer2
01200 277 93247 allow udp from any 68 to 255.255.255.255 dst-port 67 in
01201 205 62468 allow udp from any 68 to 192.168.1.1 dst-port 67 in
01202 292 95776 allow udp from 192.168.1.1 67 to any dst-port 68 out
01203 48 2304 allow icmp from 192.168.1.1 to any out icmptypes 8
01204 0 0 allow icmp from any to 192.168.1.1 in icmptypes 0
01300 1783 118158 allow udp from any to 192.168.1.1 dst-port 53 in
01301 1740 332442 allow udp from 192.168.1.1 53 to any out
01302 2283 361798 allow tcp from any to 192.168.1.1 dst-port 8000 in
01303 2458 1003306 allow tcp from 192.168.1.1 8000 to any out
10002 1 78 skipto 50000 ip from 192.168.1.183 to any in
10002 1 40 skipto 50000 ip from any to 192.168.1.183 out
19900 1850 344171 fwd 127.0.0.1,8000 tcp from any to any dst-port 80 in
19901 1859 203235 allow tcp from any 80 to any out
19902 2888 288140 deny ip from any to any
20002 0 0 deny ip from 192.168.1.183 not MAC any 00:13:ce:cb:26:f9 any layer2 in
20002 0 0 deny ip from any to 192.168.1.183 not MAC 00:13:ce:cb:26:f9 any layer2 out
29900 175953 72058945 allow ip from any to any layer2
50000 139951 22636183 allow ip from 192.168.0.76 to any
50001 147589 21239052 allow ip from any to 192.168.0.76
50002 0 0 queue 7 tcp from any 6881-6999 to any in via xl1
50003 0 0 queue 7 tcp from any to any dst-port 6881-6999 in via xl1
50004 0 0 queue 5 tcp from any 6881-6999 to any out via xl1
50005 0 0 queue 5 tcp from any to any dst-port 6881-6999 out via xl1
50006 0 0 queue 7 ip from any 412 to any in via xl1
50007 0 0 queue 7 ip from any to any dst-port 412 in via xl1
50008 0 0 queue 5 ip from any 412 to any out via xl1
50009 0 0 queue 5 ip from any to any dst-port 412 out via xl1
50010 0 0 queue 7 ip from any 1044-1045 to any in via xl1
50011 13 5303 queue 7 ip from any to any dst-port 1044-1045 in via xl1
50012 12 1312 queue 5 ip from any 1044-1045 to any out via xl1
50013 0 0 queue 5 ip from any to any dst-port 1044-1045 out via xl1
50014 0 0 queue 7 ip from any 1214 to any in via xl1
50015 163 192067 queue 7 ip from any to any dst-port 1214 in via xl1
50016 165 21794 queue 5 ip from any 1214 to any out via xl1
50017 0 0 queue 5 ip from any to any dst-port 1214 out via xl1
50018 0 0 queue 7 ip from any 2340 to any in via xl1
50019 11 2095 queue 7 ip from any to any dst-port 2340 in via xl1
50020 10 2372 queue 5 ip from any 2340 to any out via xl1
50021 0 0 queue 5 ip from any to any dst-port 2340 out via xl1
50022 0 0 queue 7 ip from any 4329 to any in via xl1
50023 0 0 queue 7 ip from any to any dst-port 4329 in via xl1
50024 0 0 queue 5 ip from any 4329 to any out via xl1
50025 0 0 queue 5 ip from any to any dst-port 4329 out via xl1
50026 0 0 queue 7 ip from any 4661-4665 to any in via xl1
50027 0 0 queue 7 ip from any to any dst-port 4661-4665 in via xl1
50028 0 0 queue 5 ip from any 4661-4665 to any out via xl1
50029 0 0 queue 5 ip from any to any dst-port 4661-4665 out via xl1
50030 0 0 queue 7 ip from any 5190 to any in via xl1
50031 0 0 queue 7 ip from any to any dst-port 5190 in via xl1
50032 0 0 queue 5 ip from any 5190 to any out via xl1
50033 0 0 queue 5 ip from any to any dst-port 5190 out via xl1
50034 0 0 queue 7 ip from any 5500-5503 to any in via xl1
50035 0 0 queue 7 ip from any to any dst-port 5500-5503 in via xl1
50036 0 0 queue 5 ip from any 5500-5503 to any out via xl1
50037 0 0 queue 5 ip from any to any dst-port 5500-5503 out via xl1
50038 0 0 queue 7 ip from any 6346 to any in via xl1
50039 0 0 queue 7 ip from any to any dst-port 6346 in via xl1
50040 0 0 queue 5 ip from any 6346 to any out via xl1
50041 0 0 queue 5 ip from any to any dst-port 6346 out via xl1
50042 0 0 queue 7 ip from any 6666-6668 to any in via xl1
50043 0 0 queue 7 ip from any to any dst-port 6666-6668 in via xl1
50044 0 0 queue 5 ip from any 6666-6668 to any out via xl1
50045 0 0 queue 5 ip from any to any dst-port 6666-6668 out via xl1
50046 0 0 queue 7 ip from any 6699-6701 to any in via xl1
50047 0 0 queue 7 ip from any to any dst-port 6699-6701 in via xl1
50048 0 0 queue 5 ip from any 6699-6701 to any out via xl1
50049 0 0 queue 5 ip from any to any dst-port 6699-6701 out via xl1
50050 0 0 queue 7 ip from any 7668 to any in via xl1
50051 0 0 queue 7 ip from any to any dst-port 7668 in via xl1
50052 0 0 queue 5 ip from any 7668 to any out via xl1
50053 0 0 queue 5 ip from any to any dst-port 7668 out via xl1
50054 0 0 queue 7 ip from any 7788 to any in via xl1
50055 0 0 queue 7 ip from any to any dst-port 7788 in via xl1
50056 0 0 queue 5 ip from any 7788 to any out via xl1
50057 0 0 queue 5 ip from any to any dst-port 7788 out via xl1
50058 0 0 queue 7 ip from any 8311 to any in via xl1
50059 0 0 queue 7 ip from any to any dst-port 8311 in via xl1
50060 0 0 queue 5 ip from any 8311 to any out via xl1
50061 0 0 queue 5 ip from any to any dst-port 8311 out via xl1
50062 0 0 queue 7 ip from any 8888-8889 to any in via xl1
50063 0 0 queue 7 ip from any to any dst-port 8888-8889 in via xl1
50064 0 0 queue 5 ip from any 8888-8889 to any out via xl1
50065 0 0 queue 5 ip from any to any dst-port 8888-8889 out via xl1
50066 0 0 queue 7 ip from any 28864-28865 to any in via xl1
50067 0 0 queue 7 ip from any to any dst-port 28864-28865 in via xl1
50068 0 0 queue 5 ip from any 28864-28865 to any out via xl1
50069 0 0 queue 5 ip from any to any dst-port 28864-28865 out via xl1
50070 54951 2278004 queue 3 tcp from any to any iplen 0-80 tcpflags ack out via xl1
50071 7380 399226 queue 1 ip from any to any iplen 0-100 out via xl1
50072 0 0 queue 1 udp from any to any dst-port 53 out via xl1
50073 0 0 queue 1 ah from any to any out via xl1
50074 0 0 queue 1 esp from any to any out via xl1
50075 0 0 queue 1 gre from any to any out via xl1
50076 0 0 queue 2 icmp from any to any out via xl1
50077 13235 8988992 queue 4 ip from any to any out via xl1
50078 4 224 queue 8 icmp from any to any in via xl1
50079 23330 1009694 queue 8 ip from any to any iplen 0-100 in via xl1
50080 0 0 queue 8 ah from any to any in via xl1
50081 0 0 queue 8 esp from any to any in via xl1
50082 0 0 queue 8 gre from any to any in via xl1
50083 55038 54415934 queue 6 ip from any to any in via xl1
65535 262130 87687217 allow ip from any to any