Have you tried Firewall Builder? You can use Firewall Builder to make all the rules for iptables.<br><br><br><br><div class="gmail_quote">On Sun, Apr 5, 2009 at 8:47 AM, gigli <span dir="ltr"><<a href="mailto:gigli@swipnet.se">gigli@swipnet.se</a>></span> wrote:<br> <blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Peter Humphrey skrev:<br> <div><div></div><div class="h5">> On Sunday 05 April 2009 11:41:55 gigli wrote:<br> ><br> >> i will give shorewall a new try and hope i'll make better progress thsi<br> >> time<br> ><br> > My gateway machine has three interfaces and uses shorewall to protect them.<br> > If you like I could tar up /etc/shorewall and send it to you. I've had to<br> > create macros for several services and put them in /usr/share/shorewall,<br> > but if you run "shorewall try /etc/shorewall" it'll tell you which you<br> > need. I made them by copying others and changing bits.<br> ><br> > The three interfaces are the external network (a DSL modem), the internal<br> > wired network (an Ethernet switch) and a wireless network (an access<br> > point).<br> ><br> > I don't suppose my setup is the acme of elegance or wit, but it seems to<br> > work. The rules file is 195 lines long.<br> ><br> </div></div>Hi peter<br> <br> I would be happy if you mailed me the tar. I have only one interface and<br> need to protect my computer while connected through openvpn, i guess<br> openvpn goes directly through my pfsense box bothways and it would be<br> nice to stay protected then. Or have i misunderstood that?<br> <br> Martin<br> <font color="#888888"><a href="mailto:gigli@swipnet.se">gigli@swipnet.se</a><br> <br> </font></blockquote></div><br>