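#################################################
# Firewall Configuration
#
# rc.conf fragment: turns on ipfw at boot and loads the ruleset named in
# firewall_type, after running it through cpp with the -D macros below.
firewall_enable="YES"
firewall_quiet="YES"

# The ruleset is read and applied as root at boot, so the file should be
# owned by root and not writable by any other user.
firewall_type="/usr/local/etc/firewall_rules"

# "-p cpp" makes ipfw preprocess the ruleset with cpp; every -D below
# becomes a macro the ruleset can test or expand.
#
# NOTE(review): EXT_ADDR and EXT_NET contain octets above 255, so they are
# not valid IPv4 values (presumably redacted placeholders). Substitute the
# real external address and network before using this file.
#
# NOTE(review): what each feature macro (LOG_DROPPED_PACKETS, ALLOW_*,
# LOCAL_*, ROUTE_INTERNAL_NET) opens up is decided by the ruleset file,
# which is not shown here. Review them against that file and drop any the
# site does not need, in particular ALLOW_ALL_ICMP and ALLOW_ACTIVE_FTP.
firewall_flags="-p cpp \
  -D INT_IF=eth1 \
  -D INT_ADDR=192.168.1.1 \
  -D INT_NET=192.168.0.0/16 \
  -D EXT_IF=eth0 \
  -D EXT_ADDR=270.283.113.190 \
  -D EXT_NET=270.283.113.160/27 \
  -D LOG_DROPPED_PACKETS \
  -D ALLOW_ALL_ICMP \
  -D ALLOW_ACTIVE_FTP \
  -D ALLOW_TRACEROUTE \
  -D LOCAL_NAME_SERVER \
  -D LOCAL_TIME_SERVER \
  -D LOCAL_VPN_SERVER \
  -D ROUTE_INTERNAL_NET "

# Enable firewall debugging with:
#   sysctl -w net.inet.ip.fw.verbose=1
# and look at /var/log/security
# (net.inet.ip.fw.verbose_limit bounds how many messages get logged.)

#################################################
# NAT Configuration
#
# Run NAT on the public interface; natd_interface must name the same
# interface as EXT_IF in firewall_flags above.
natd_enable="YES"
natd_interface="eth0"

# NOTE(review): -log_denied logs the incoming packets that natd itself
# denies. natd only appears to deny unmatched incoming packets when
# -deny_incoming is also given, so confirm whether that flag was intended;
# as written, filtering of unsolicited inbound traffic rests on the ipfw
# ruleset alone.
natd_flags="-log_denied -use_sockets"

# For testing NAT
#natd_flags="$natd_flags -verbose"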