From: "Thomas Farrell"
Date: Fri, 4 Jun 2004 00:00:16 -0400
Subject: Re: Firestarter or equivalent?
Message-ID: <00c001c449e8$72a60620$0b0a0a0a@neonduron>

Here is a snippet of a startup script I use for a BSD firewall NAT box:

    /sbin/ipfw add divert natd all from any to any via rl0
    dhcpd rl1 -q

The first line NATs all traffic via interface rl0.
The second line starts up a dhcpd server on the LAN interface rl1.
Of course you'll need a /etc/dhcpd.conf file.
Mine looks like this:

    authoritative;
    ddns-update-style none;
    log-facility local7;
    subnet 192.168.10.0 netmask 255.255.255.0 {
        dynamic-dhcp range 192.168.10.2 192.168.10.254 {
            option subnet-mask 255.255.255.0;
            option domain-name "yourdomain.com";
            option domain-name-servers 4.2.2.4,4.2.2.5,4.2.2.6;
            option routers 192.168.10.1;
            option dhcp-lease-time 14400;
            option dhcp-renewal-time 7200;
            option dhcp-rebinding-time 12600;
        }
    }

If you don't have dhcpd installed, just go into the directory /usr/ports/net/isc-dhcp3/ and type "make && make install". You will have it after this, provided the machine is connected to the internet.

Good luck,
Tom

----- Original Message -----
From: "Thomas Farrell"
Sent: Thursday, June 03, 2004 11:38 PM
Subject: Re: Firestarter or equivalent?

> man ipfw
>
> kldstat
> kldload /boot/kernel/ipfw.ko
>
> That's it!
>
> ----- Original Message -----
> From: "Ron & Ariane Joordens"
> Sent: Friday, June 04, 2004 7:31 PM
> Subject: Firestarter or equivalent?
>
> > Hello FreeBSDers,
> >
> > Two questions really.
> >
> > 1. I share my internet connection via a router running NAT only, i.e. no
> > SPI firewall, etc. In this situation should each of the workstation
> > computers run a personal firewall?
> >
> > 2. If yes, is there a FreeBSD port that is similar to Firestarter for
> > Linux? I have no firewall experience and am looking for the simplest way
> > to set one up.
> >
> > Thanks for any help.
> >
> > Ron
> > http://www.jeack.com.au
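
Added example, not part of the original thread: the divert rule from the message placed inside a stateful ipfw ruleset, so the NAT box also drops unsolicited inbound traffic (the "SPI" the original question asks about). It assumes rl0 is the WAN and rl1 the LAN interface as in the message and that natd is already running on rl0; the rule numbers and function names are illustrative.

```shell
#!/bin/sh
# Added example (not from the thread): stateful ipfw rules around the natd divert.
# Assumptions: rl0 = WAN, rl1 = LAN, natd already running on the WAN interface
# and listening on the default "natd" divert port.
IPFW="${IPFW:-/sbin/ipfw}"
WAN_IF="${WAN_IF:-rl0}"
LAN_IF="${LAN_IF:-rl1}"

rule() { $IPFW -q add "$@"; }

load_nat_ruleset() {
    $IPFW -q -f flush
    # Loopback and LAN-side traffic is trusted.
    rule 10 allow ip from any to any via lo0
    rule 20 allow ip from any to any via "$LAN_IF"
    # Inbound on WAN: un-NAT first, so the state lookup sees the LAN address.
    rule 100 divert natd ip from any to any in via "$WAN_IF"
    rule 110 check-state
    # Outbound on WAN: record state, then jump to the outbound divert.
    rule 200 skipto 500 tcp from any to any out via "$WAN_IF" setup keep-state
    rule 210 skipto 500 udp from any to any out via "$WAN_IF" keep-state
    rule 220 skipto 500 icmp from any to any out via "$WAN_IF" keep-state
    # Everything without matching state, unsolicited inbound included, stops here.
    rule 400 deny ip from any to any
    rule 500 divert natd ip from any to any out via "$WAN_IF"
    rule 510 allow ip from any to any
}

# Dry run: print the ipfw arguments instead of touching the kernel ruleset.
print_rule() { printf '%s\n' "$*"; }
render_nat_ruleset() { ( IPFW=print_rule; load_nat_ruleset ); }

# "sh script render" previews the rules, "sh script load" installs them (root).
case "${1:-}" in
    load)   load_nat_ruleset ;;
    render) render_nat_ruleset ;;
esac
```

Unlike the single divert rule, this ordering only lets a packet in from rl0 when it matches state created by an earlier outbound packet.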