Date: Sun, 31 Aug 2003 15:22:16 -0400 From: "Steve Schofield" <steve@bgeek.com> To: <freebsd-newbies@freebsd.org> Subject: Re: iptables Message-ID: <002201c36ff5$306630a0$1500a8c0@mcsebound.com> References: <20030830190107.0A39816A4DD@hub.freebsd.org> <002001c36fee$246fc470$05191eac@tvwebmaster2>
next in thread | previous in thread | raw e-mail | index | archive | help
i use ipfilter as a loadable module in the /etc/rc.conf. Its loaded on boot. For better perf, its good to compile into the KERNEL but heck it works so i'm happy with the way it is. Do a google search on IPFILTER or IPFW (IPFW is built in I think) to get more info. //Put this in your /etc/rc.conf ipfilter_enable="YES" ipfilter_program="/sbin/ipf -Fa -f" ipfilter_rules="/etc/ipf.conf" ipfilter_flags="-Ds" ipmon_enable="YES" ipmon_flags="-Dn /var/log/firewall_logs" create a file called ipf.conf in the /etc/ directory here are some sample rules I use. to refresh a rule w/o rebooting type in ipf -Fa -f /etc/ipf.conf pass in quick on xl0 proto tcp from any to any port = 25 keep state pass in quick on xl0 proto tcp from any to any port = 110 keep state pass in quick on xl0 proto tcp from any to any port = 143 keep state pass out quick proto tcp all keep state block in log quick on xl0 proto tcp from any to any ----- Original Message ----- From: "Taulant Galimuna" <taulant@ipko.net> To: <freebsd-newbies@freebsd.org> Sent: Sunday, August 31, 2003 2:31 PM Subject: iptables > Hi! > I just wanted to know if ther's any "firewall" like iptables and ipchains > (linux) on FreeBSD ?? > > regards, > Taulant > > _______________________________________________ > freebsd-newbies@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-newbies > To unsubscribe, send any mail to "freebsd-newbies-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?002201c36ff5$306630a0$1500a8c0>