From owner-freebsd-questions@FreeBSD.ORG Thu Aug 5 01:59:26 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9E40316A4CE for ; Thu, 5 Aug 2004 01:59:26 +0000 (GMT) Received: from mta9.srv.hcvlny.cv.net (mta9.srv.hcvlny.cv.net [167.206.5.42]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5FB9343D45 for ; Thu, 5 Aug 2004 01:59:26 +0000 (GMT) (envelope-from poisondart@optonline.net) Received: from [192.168.1.2] (ool-18ba440e.dyn.optonline.net [24.186.68.14]) by mta9.srv.hcvlny.cv.net (iPlanet Messaging Server 5.2 HotFix 1.25 (built Mar 3 2004)) with ESMTP id <0I1Y00HHRAUT94@mta9.srv.hcvlny.cv.net> for freebsd-questions@freebsd.org; Wed, 04 Aug 2004 21:59:17 -0400 (EDT) Date: Wed, 04 Aug 2004 21:59:47 -0400 From: Jonathan To: freebsd-questions@freebsd.org Message-id: <41119493.3020807@optonline.net> Organization: StreamForce Hosting Solutions MIME-version: 1.0 Content-type: text/plain; charset=us-ascii; format=flowed Content-transfer-encoding: 7BIT X-Accept-Language: en-us, en User-Agent: Mozilla Thunderbird 0.7.2 (Windows/20040707) Subject: IPFW Configuration X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Aug 2004 01:59:26 -0000 Hello, I am sort of a newbie to IPFW for FreeBSD-5.2.1. I have never used it and need some help with the configuration. Ok here goes if anyone can help. I compiled IPFIREWALL into the kernel with the options to DEFAULT TO ACCEPT ALL and the VERBOSE=50 option. With the support for IPFW in the kernel I then added firewall_enable=off to the rc.conf (with some other options that are commented out at the moment). The reason for having the firewall off right now is because i was told that rc.firewall in /etc needed to be configured for my network card (or IP addresses) before it will be able to work. My box is located at a datacebter and my box is allocated with about 90 IP addresses (and also the main server IP which was given to me when i first purchased the line). I would like to know how to configure /etc/rc.firewall to support my MAIN ip and also how to make sure the other IPS added to my box are recognized and protected by the firewall. Also I noticed in rc.firewall there are different modes to put the firewall in like simple mode, client mode, etc. (different firewall powers i guess). It would be greatly appreciated if someone can show me how to configure ipfw. I could not thank anyone more for the future help i might recieve on this issue. If you guys need a copy of rc.conf or rc.firewall in order to help just email me and i will provide an attachment. Thamks in advance Regards, Jonathan