Re: masquerading and http

Kev (klmitch@MIT.EDU)
Tue, 22 Jun 1999 13:24:29 EDT

> With the masquerading option of ipfwadm ping works from inside to
> outside, but the private client cannot receive web pages from outside.

Make sure you have packet forwarding on and that you've set up the proper
holes through the firewall; something like the following near the beginning
of your firewalling rules should allow any outgoing TCP connections:

ipfwadm -I -a accept -P tcp -k -W eth0 -S -D ${IPADDR}

(pattern-match as appropriate)

Kevin L. Mitchell <>
-------------------------  -. .---- --.. ..- -..-  --------------------------               (PGP keys availiable from here)
    RSA AE87D37D/1024:  DE EA 1E 99 3F 2B F9 23  A0 D8 05 E0 6F BA B9 D2
    DSS ED0DB34E/1024: D9BF 0E74 FDCB 43F5 C597  878F 9455 EC24 ED0D B34E
    DH  2A2C31D4/2048: 1A77 4BA5 9E32 14AE 87DA  9FEC 7106 FC62 2A2C 31D4

- To unsubscribe from this list: send the line "unsubscribe linux-net" in the body of a message to