Lines Matching full:exposed

144 fxp0 is connected to the 'exposed' LAN.
160 is given two Internet-exposed addresses on fxp0 in addition to an
161 internal 10.\& address on fxp0: one exposed address (not shown)
162 represents the machine's official address, and the second exposed
166 on the exposed LAN internal 10.0.0.x addresses as well as exposed
169 to internal addresses even on exposed machines and still protect
172 exposed IP addresses would be the ones you wish to expose to the
179 Also, in our example, we pretty much give the exposed hosts free
183 risk: what if an exposed host is compromised?
218 # 192.100.5.x represents IP addresses exposed to the Internet
220 # (not exposed)
229 # +--> exposed host A
230 # +--> exposed host B
231 # +--> exposed host C
240 # to protect the dual-homed 10.0.0.x block. Exposed hosts are
242 # exposed services to exposed IPs but can safely bind internal
250 # NOT have to run internal requests to exposed hosts through natd
251 # (rule 00290) because those exposed hosts know about our
293 # internal hosts, even those on the exposed LAN (as long as
295 # potential security hole (what if an exposed host is
301 # to give exposed hosts free reign with each other, get
320 # GENERAL SERVICES ALLOWED TO CROSS INTERNAL AND EXPOSED LANS
325 # really only apply to services bound to exposed IPs. We have
332 # on all exposed machines to make sure they bind temporary ports
333 # to the exposed port range (see rc.conf example above)
339 # services bound to exposed addresses. NOTE: we allow 'auth'
340 # through but do not actually run an identd server on any exposed
391 and two exposed IP addresses