From owner-freebsd-hackers Mon Jun 10 07:26:32 1996 Return-Path: owner-hackers Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id HAA24123 for hackers-outgoing; Mon, 10 Jun 1996 07:26:32 -0700 (PDT) Received: from shogun.tdktca.com ([206.26.1.21]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id HAA24100 for ; Mon, 10 Jun 1996 07:26:29 -0700 (PDT) Received: from shogun.tdktca.com (daemon@localhost) by shogun.tdktca.com (8.7.2/8.7.2) with ESMTP id JAA07631 for ; Mon, 10 Jun 1996 09:27:54 -0500 (CDT) Received: from orion.fa.tdktca.com ([163.49.131.130]) by shogun.tdktca.com (8.7.2/8.7.2) with SMTP id JAA07624 for ; Mon, 10 Jun 1996 09:27:54 -0500 (CDT) Received: from orion (alex@localhost [127.0.0.1]) by orion.fa.tdktca.com (8.6.12/8.6.9) with SMTP id JAA19217; Mon, 10 Jun 1996 09:32:45 -0500 Message-ID: <31BC320C.3454CA09@fa.tdktca.com> Date: Mon, 10 Jun 1996 09:32:44 -0500 From: Alex Nash Organization: TDK Factory Automation X-Mailer: Mozilla 2.0 (X11; I; Linux 1.2.13 i586) MIME-Version: 1.0 To: didier@omnix.fr.org CC: hackers@freebsd.org Subject: Re: firewall (ipfw) References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk didier@omnix.fr.org wrote: > > The company I'm working for plan to install a permanent acces to internet > through an analogic leased line and two 32kb modems. > > to protect our application in plan to install the firewall builtin FreeBSD > > I've never used ipfw and I dont have any experience with firewalls. > > could you tell me how I could set up this machine >From /etc/rc.firewall (in -current): # If you don't know enough about packet filtering, we suggest that you # take time to read this book: # # Building Internet Firewalls # Brent Chapman and Elizabeth Zwicky # # O'Reilly & Associates, Inc # ISBN 1-56592-124-0 # # For a more advanced treatment of Internet Security read: # # Firewalls & Internet Security # Repelling the wily hacker # William R. Cheswick, Steven M. Bellowin # # Addison-Wesley # ISBN 0-201-6337-4 There is also an excellent firewall discussion in the handbook. See section 6.4, currently available at: http://www.freebsd.org/handbook/handbook71.html#73 Note that the syntax of ipfw has changed from that documented in the handbook (I'm working on it, really!). To get acquainted with the new syntax: - type ipfw without any arguments to see the usage - look at ipfw(8) <-- I'm fixing this one too - and peruse /etc/rc.firewall in -current. BTW, this probably should be moved to freebsd-security. Alternatively, I'd be happy to discuss this with you off-line. Alex