From owner-freebsd-questions@FreeBSD.ORG Fri Feb 5 20:32:18 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0ACC3106566C for ; Fri, 5 Feb 2010 20:32:18 +0000 (UTC) (envelope-from wearabnet@yahoo.ca) Received: from web111313.mail.gq1.yahoo.com (web111313.mail.gq1.yahoo.com [67.195.15.203]) by mx1.freebsd.org (Postfix) with SMTP id CF4578FC16 for ; Fri, 5 Feb 2010 20:32:17 +0000 (UTC) Received: (qmail 31560 invoked by uid 60001); 5 Feb 2010 20:32:17 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.ca; s=s1024; t=1265401937; bh=akLoDaDXac0pbmxdHj22DiQK+vcoZaCK+Cx6ZcylS5I=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:References:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type; b=1EdaqTQux/EDYCojeFgpi5XwmhGIeSOqw+9n0SU4Bs0fdr4wko9hL0OgVwc3dBzopqqKA350jjgUjHEB5RdFn1jlhXZ1NgnoAAwxWptRUD+UcjW3m0GvKJVn90f6AVHSQTOz+rIyGQs2P/xLxvWrPsgQJ5KShU8VRQhtvOMhFRk= DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.ca; h=Message-ID:X-YMail-OSG:Received:X-Mailer:References:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type; b=DFzYRsNdEuFRMFr0Wkpjwk410jG6zWmfpvcLKy7MjsQNQT8giWBZmEIY+ydBs97eTGzgab3LvckYEOSMzv9Qki/ulcbmfFmDA+I6fUxrhy8GjsUgUI21WaBCY7mozwwDqMBt8NgtMjIfe/KD2aPjmlIBwDGEJ4L8F9E14dy4zKI=; Message-ID: <427296.31050.qm@web111313.mail.gq1.yahoo.com> X-YMail-OSG: XJZ3.kUVM1mc6XANbpmk575XQWSDBDlNaTqOHUZ.MPKzj4Xppr8AQGniPnMqgviS8kFRQV21liTeTLEj0PVUQOf_D4eR2xo3xIZj9nWV3LxUJ2HEXW7.Njzf49VSFvqYvZK3H.tXepGBcx64.Luio.zYdQOivSIKxUrL2FIpzhvExrShFc2mOmZ67JKrfwbokqVUIi_c8LTyAdcTUyMF0TW9xEtyI6duFYsBo0P7k2YSolFBFiM_Y9Q5ubDskg.IObxtmBRHEpQBZghziNxVsVJy_Tn1_o7.SkNOb75e1VXvz3Ga8a2TF0lPkti0U3LseYiGHFdSJ0XaIjZ7ZeN2kXvxbKZVIV4tHASOmZApe92JGhMfiRKkvfERs2HOQ2S6u_qcUwyVRv1_uJzVDoRViuIVVQ-- Received: from [89.211.99.8] by web111313.mail.gq1.yahoo.com via HTTP; Fri, 05 Feb 2010 12:32:17 PST X-Mailer: YahooMailRC/272.7 YahooMailWebService/0.8.100.260964 References: Date: Fri, 5 Feb 2010 12:32:17 -0800 (PST) From: Abdullah Ibn Hamad Al-Marri To: Iv Ray , freebsd-questions@freebsd.org In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: Subject: Re: best firewall for a web server X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Feb 2010 20:32:18 -0000 Hello, ----- Original Message ---- > From: Iv Ray > To: freebsd-questions@freebsd.org > Sent: Fri, February 5, 2010 11:24:52 PM > Subject: best firewall for a web server > > We will be running a web server - > > - FreeBSD 8.x > - Apache 2.x > - php 5.x > - PostgreSQL 8.x > - Postfix 2.x > > - The server will run nearly 98% of the time below 25% load (no high performance > firewall is needed). > - Access to the server will be done only via ssh w/ key (there will be no public > ftp, etc.). > > I read several threads on FreeBSD Questions and checked the Handbook, and my > conclusion is that PF seems the most straightforward for such "classic" > situation. > > Am I right? > > Thanks, > Iv Right, PF is the way to GO! ;) Regards, -Abdullah Ibn Hamad Al-Marri Arab Portal http://www.WeArab.Net/