Date: Tue, 17 Apr 2001 17:43:40 -0500 From: Noah Dunker <ndunker@jccc.net> To: "'michael@tenzo.com'" <michael@tenzo.com>, freebsd-questions@FreeBSD.ORG Subject: RE: Three easy questions about ipfw... Message-ID: <C18E28011272D41180AD00B0D0496C0801C02169@ns-exch05>
next in thread | raw e-mail | index | archive | help
1) "No." Block it on the external IP.
2) I'd say it's acceptable. If your network doesn't change, make it static.
3) Again... There's no real rule on how to write your IPFW filters.
Just run with what works, and have fun!
Noah Dunker
Systems Analyst/Technician
Johnson County Community College
-----Original Message-----
From: Michael O'Henly [mailto:michael@tenzo.com]
Sent: Tuesday, April 17, 2001 5:43 PM
To: freebsd-questions@FreeBSD.ORG
Subject: Three easy questions about ipfw...
Hi...
1. If I'm running sendmail but use it for outgoing mail only, should I make
port 25 open on the external interface? For instance, would my machine need
to receive responses confirming that outgoing mail has been successfully
delivered?
2. If I describe $onet as being equal to $oip, ipfw seems to be able to
figure out the bitmask for $onet by looking at the netmask. (I know this
because I can see what $onet is expanded to when I do a 'ipfw list'.) Is
this
acceptable or should I be using something like:
onet=`ifconfig rl0 | grep "inet " | awk '{print $2 "/23"}'`
3. If describing $onet as being equal to $oip _is_ acceptable, would it be
more efficient to enter it as...
onet=`ifconfig rl0 | grep "inet " | awk '{print $2}'`
omask="255.255.254.0"
oip=onet
Or better yet, to just replace all occurrences of $onet in rc.firewall with
$oip?
Thanks.
M.
--
Michael O'Henly
TENZO Design
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?C18E28011272D41180AD00B0D0496C0801C02169>