This will be my plan in the near future. I will start blocking once I get the connection figured out. Right now I have the BSD box connected to the internet through my ISP and it works fine. I configured the internal NIC to use 10.1.10.1 and hooked my Linksys router up to that. My plan is to allow "all" out from the Linksys but only selected ports in. I know this sounds strange maybe, but I'm in a learning process here.
My problem is, I plug the router in to int_if. I set the router IP static and to 10.1.10.2, netmask 255.255.255.0, gateway 10.1.10.1, DNS to what my ISP assigned. I can ping 10.1.10.1 from the router. I can ping 10.1.10.2 from the router <grin> but I can't ping 10.1.10.2 from the FreeBSD box. I can however ping 10.1.10.1 from the FreeBSD box. I can't figure out yet why I am having a hard time with this connection. It seems like it should be so simple. Using PF should take care of all of my routing needs, shouldn't it? No need for natd?