From owner-freebsd-stable Fri Mar 23 7:57: 1 2001 Delivered-To: freebsd-stable@freebsd.org Received: from whistle.com (s205m131.whistle.com [207.76.205.131]) by hub.freebsd.org (Postfix) with ESMTP id 5A5FE37B71D for ; Fri, 23 Mar 2001 07:56:59 -0800 (PST) (envelope-from dhw@whistle.com) Received: (from smap@localhost) by whistle.com (8.10.0/8.10.0) id f2NFus517324; Fri, 23 Mar 2001 07:56:54 -0800 (PST) Received: from pau-amma.whistle.com( 207.76.205.64) by whistle.com via smap (V2.0) id xma017320; Fri, 23 Mar 2001 07:56:41 -0800 Received: (from dhw@localhost) by pau-amma.whistle.com (8.11.1/8.11.1) id f2NFufX02807; Fri, 23 Mar 2001 07:56:41 -0800 (PST) Date: Fri, 23 Mar 2001 07:56:41 -0800 (PST) From: David Wolfskill Message-Id: <200103231556.f2NFufX02807@pau-amma.whistle.com> To: brentb@loa.com, stable@FreeBSD.ORG Subject: Re: ipfw rules ?? In-Reply-To: <004b01c0b3b0$894cc660$e32b82d0@cybertours.com> Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG >From: "Brent" >Date: Fri, 23 Mar 2001 10:47:12 -0500 >i recently installed ipfw on my Freebsd 4.2 machine...with default to >ACCEPT...(i couldnt get the firewall rules to work correctly with default to >DENY on in the kernel) Absent a clue as to what "work correctly" might mean for you in this situation, there's little I can do to provide very much guidance. >is there a place that has a good set of firewall >rules when using "default to DENY" in the kernel ??? Well, the distributed /etc/rc.firewall is generally what I use as a starting-point -- rather similar to using GENERIC as the starting-point for a kernel configuration. And in each case, your requirements are going to be fairly specific to your situation. Cheers, david -- David Wolfskill dhw@whistle.com UNIX System Administrator Desk: 650/577-7158 TIE: 8/499-7158 Cell: 650/759-0823 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message