Greetings,
I'm using PF on FreeBSD 9.2 on a server which is used only to perform NAT (got customers in private IP behind this server), and I'd like to know which kind of rule do I have to implement to allow
After research, it seems that either my server has to answer to both
Otherwise if I want to allow
ext_if : external interface
subs_net: my subscriber
Rule:
Thanks for your feedback guys
I'm using PF on FreeBSD 9.2 on a server which is used only to perform NAT (got customers in private IP behind this server), and I'd like to know which kind of rule do I have to implement to allow
traceroute
(from a Windows laptop) to go through my server, but I don't want my server to answer it. And in the meantime, I want my server to answer to ping
.After research, it seems that either my server has to answer to both
ping
and traceroute
, or not at all.Otherwise if I want to allow
traceroute
to go through my server, but without permitting the server to answer it, would this rule below be ok:ext_if : external interface
subs_net: my subscriber
Rule:
Code:
block out on $ext_if inet proto udp from $subs_net to any port 33433 >< 33626 keep state
Thanks for your feedback guys