From owner-freebsd-questions@FreeBSD.ORG Tue Apr 26 02:34:42 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D04121065675 for ; Tue, 26 Apr 2011 02:34:42 +0000 (UTC) (envelope-from olivares14031@gmail.com) Received: from mail-bw0-f54.google.com (mail-bw0-f54.google.com [209.85.214.54]) by mx1.freebsd.org (Postfix) with ESMTP id 569898FC1A for ; Tue, 26 Apr 2011 02:34:41 +0000 (UTC) Received: by bwz12 with SMTP id 12so269524bwz.13 for ; Mon, 25 Apr 2011 19:34:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:content-type:content-transfer-encoding; bh=ypxPlrqT6lvEABt6XafijsrUxbJGc9Wt4OfYbRsUOaI=; b=WL5GQPusC9K0cPFet1w3kS8XHhaFObHcfnhyXLtj0HpiSVxRoAzvoqBU3tjdBsme+X ZwN6zXV21woJNI3HtitRBZjwn+7f4XLGx5u2m1ap89LZlGnO7sjYXFIG/DgKKFyaSJWm /wGVYf4/pLfAKMyg/ZT8Kcy4kU0+RHEZMYCco= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=Mh/SJJVtSY0627ezzdqpksI6LoE5xztGskJ4+5gs0E3EcqcCpsDp5dwJiysbQeffc5 yYrDTldGg8h0pTWFlXNvMf3tU+iZuTKFdMv//LSjH6XZQSsNaZ/QvUfs60rdXczmbSgo NuzXm1UcSuCD6li+dlhcE7QrShUShZeMkifUY= MIME-Version: 1.0 Received: by 10.204.151.202 with SMTP id d10mr140828bkw.168.1303785281038; Mon, 25 Apr 2011 19:34:41 -0700 (PDT) Received: by 10.204.169.65 with HTTP; Mon, 25 Apr 2011 19:34:41 -0700 (PDT) In-Reply-To: References: Date: Mon, 25 Apr 2011 21:34:41 -0500 Message-ID: From: Antonio Olivares To: FreeBSD Questions Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Subject: Re: easy Firewall setup X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 Apr 2011 02:34:42 -0000 On Mon, Apr 25, 2011 at 9:06 PM, Daniel Staal wrote: > --As of April 25, 2011 7:43:33 PM -0500, Antonio Olivares is alleged to h= ave > said: > >> I don't know which one to use, is there a page, howto (build a >> firewall or convert an existing one) to use here? =A0All I want is to be >> allowed to visit websites but don't allow anyone out there to come in >> somehow a template that I can use and try out to see if I can get it >> working. =A0Of course the network name might be different, but I can try >> to figure things out. > > If all you want is a firewall, I'd go with this: > > > Based on FreeBSD, but they've set it up nice and put an easy-to-use > interface on top of it. > > Of course if you wanted you could always just install the base system, tu= rn > on routing, and configure pf/iptables. =A0There's not really a whole lot = to > either one, really... =A0But if you don't feel like learning their syntax > right now, or doing everything via a text editor, I'd really go with > pfsense. =A0(Even if you *do* know their syntax, in most cases I'd go wit= h > pfsense...) > >> After figuring this out, my next big job/task is to use FreeBSD to >> make up a new router/dhcp server to give/assign ip numbers to machines >> from one and give to many. =A0This has been something hard that I have >> failed at several times. =A0Maybe with FreeBSD I can be successfull? > > pfsense has a DHCP server, no problem there. > > Daniel T. Staal > > --------------------------------------------------------------- Thanks for sharing this. I have a base FreeBSD 8.2 system on one machine and I would like to setup a firewall that allows me to visit websites and not allow incoming traffic. Something easy to set up and start like /etc/local/rc.d/rc.pf start or similar. A nice example which I can change somethings like name of network device, i.e, nv0, or similar device. I will try further reading and try to set something up as I am afraid to screw things up. Regards, Antonio