Hi!
I'm in need of little help with my firewall on my FreeBSD 7.0 server.
I have OpenVPN installed and have it configured with routed vpn.
Now I want to NAT all the traffic that comes from tun0 so it can reach the internet on vr0, but I'm not exactly sure how to do that..
My firewall looks like this atm:
(/usr/local/etc/ipfw.rules)
Code:
IPF="ipfw -q add"
ipfw -q -f flush
#loopback
$IPF 10 allow all from any to any via lo0
$IPF 20 deny all from any to 127.0.0.0/8
$IPF 30 deny all from 127.0.0.0/8 to any
$IPF 40 deny tcp from any to any frag
# statefull
$IPF 50 check-state
$IPF 60 allow tcp from any to any established
$IPF 70 allow all from any to any out keep-state
$IPF 80 allow icmp from any to any
# open port ssh (22), http (80), openvpn (1194) etc
$IPF 130 allow tcp from any to any 22 in
$IPF 140 allow tcp from any to any 22 out
$IPF 150 allow tcp from any to any 80 in
$IPF 160 allow tcp from any to any 80 out
$IPF 210 allow udp from any to any 1194 in
$IPF 215 allow udp from any to any 1194 out
# allow some inbound icmps - echo reply, dest unreach, source quench,
# echo, ttl exceeded.
$IPF allow icmp from any to any icmptypes 0,3,4,8,11
# deny and log everything
$IPF 500 deny log all from any to any
Is there anyone that knows what to do and can help me with this?