Date: Fri, 22 Mar 2002 19:40:19 -0500 (EST) From: Kenneth Culver <culverk@alpha.yumyumyum.org> To: Cliff Sarginson <csfbsd@raggedclown.net> Cc: questions@FreeBSD.ORG Subject: Re: ipfw rules (was: Re: Advocacy help for CS professor) Message-ID: <20020322193812.K792-100000@alpha.yumyumyum.org> In-Reply-To: <20020323003356.GQ4940@raggedclown.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> I know, but every firewall I have ever made has not worked. I think I > have a blind spot. Seriously I have firewall scripts coming out of my > ears, I have almost begged Crist Clark to write a book on it. But every > firewall I have built just does not work. And as I have loudly let it be > known, I have been cracked. My firewalls either let villains in, or keep > me out. I read all the books :) This is just my opinion, but if you havn't tried ipfilter, you should... I have a VERY simple ipfilter/ipnat configuration that keeps out all incoming traffic except ssh and email, and does stateful firewalling as well to allow my natted computers to connect through the firewall, and I have yet to have any problems. This isn't to say that I never will, but I've been running it this way for nearly a year now and never had a problem. Ken To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020322193812.K792-100000>