Quote:
Originally Posted by xinform3n
If I would like to allow HTTP from vlan10 to vlan20, which rule is correct ?
pass in on vlan10 inet proto tcp from $vlan10_subnet to $vlan20_subnet port 80
pass in on carp10 inet proto tcp from $vlan10_subnet to $vlan20_subnet port 80
pass in on vic0 inet proto tcp from $vlan10_subnet to $vlan20_subnet port 80
After reading the Man Page, I Think that the first one is correct, is it correct ?
Thanks !
|
If vlan10 is the initiatior of the connection to vlan20 it should be
Code:
pass out quick on vlan10 inet proto tcp from $vlan10_subnet to $vlan20_subnet port 80