The FreeBSD Diary

The FreeBSD Diary (TM)

Providing practical examples since 1998

If you buy from Amazon USA, please support us by using this link.
[ HOME | TOPICS | INDEX | WEB RESOURCES | BOOKS | CONTRIBUTE | SEARCH | FEEDBACK | FAQ | FORUMS ]
FreeBSD Support
 New Topic  |  Go to Top  |  Go to Topic  |  Search  |  Log In   Previous Message  |  Next Message 
 ipfw/natd
Author: Marc Giannoni 
Date:   20-03-00 20:27

Hi:

I've setup an RFC1918 net at home and I'm using ipfw/natd because my internet connection does not use a serial port. I also prefer the 'kernel' implementation for (possibly misguided) security reasons. The release is FreeBSD-3.4.

I can't seem to get the "simple" firewall rules working correctly, and I've made some significant efforts such as modifying the "RFC1918" section to ensure that the inside interface is not blocked. "Open" rules work flawlessly (of course), but where is the security in that?? (I've read about ipfw applying rules twice to packets being forwarded - but I still can't get the rules rught....aarrrggg!)

What I am searching for are some example firewall rules for "ipfw" from people who use "ipfw". What I am NOT searching for is "try using IPFilter" from people who use "IPFilter"! Now if you happen to use "ipfw" and tell me to use "IPFilter", well.... hmmmm.... I'm not sure what I'll do then....

Marc



 Reply To This Message  |  Forum List  |  Flat View   Newer Topic  |  Older Topic 

 Topics Author  Date
 ipfw/natd   new
Marc Giannoni 20-03-00 20:27 
 RE: ipfw/natd   new
Dan Langille 20-03-00 21:30 
 RE: ipfw/natd   new
Darknight 22-03-00 02:06 
 RE: ipfw/natd   new
Dan Langille 25-03-00 01:00 
 RE: ipfw/natd   new
Marc Giannoni 31-03-00 16:53 
 RE: ipfw/natd   new
Jeff Bitgood 27-07-00 23:34 


 Forum List  |  Need a Login? Register Here 
 User Login
 User Name:
 Password:
 Remember my login:
   
 Forgot Your Password?
Enter your email address or user name below and a new password will be sent to the email address associated with your profile.
How to get the most out of the forum

phorum.org