Date: Mon, 21 May 2001 01:05:47 -0700 (MST) From: "Orville R. Weyrich.Jr" <orville@weyrich.com> To: Chojin <chojin@nerim.net> Cc: freebsd-net@FreeBSD.ORG Subject: Re: Restricting traffic on one interface Message-ID: <Pine.LNX.4.10.10105210100070.3361-100000@dopey.weyrich.com> In-Reply-To: <000701c0e0fc$83a9d620$0245a8c0@chojin>
next in thread | previous in thread | raw e-mail | index | archive | help
Thanks for the suggestion, but where do I get ipf? I don't see it in the FreeBSD packages region under networking or security. The closest I see in functionality I see is xinetd, but it only seems to allow me to specity ip addresses to enable/disable, but does not seem to have an option to specify the network interface. I guess xinetd is better than nothing, if I trust the outer firewall to filter out unexpected incoming ip addresses, but the whole point is that I do NOT trust the outer firewall to do it's job perfectly. Regards, orville. On Sun, 20 May 2001, Chojin wrote: > Use ipf > (it's not ipfw) > ----- Original Message ----- > From: "Orville R. Weyrich.Jr" <orville@weyrich.com> > Cc: "Freebsd Net (E-mail)" <freebsd-net@FreeBSD.ORG> > Sent: Sunday, May 20, 2001 8:07 AM > Subject: Restricting traffic on one interface > > > > Hi -- > > > > I have a dual homed FreeBSD-4.3 machine and want to restrict traffic on > > one interface but not the other (one interface is to a trusted network and > > the other is not). > > > > What I want is the untrusted interface to only present SMTP and HTTP > > ports, while the trusted interface presents telnet, ftp, NFS, SMB, etc. > > > > What is the best way to do this? The machine does NOT have IP forwarding > > enabled. > > > > ------------------------------------------------------------------- > > Orville R. Weyrich, Jr. Weyrich Computer Consulting > > mailto:orville@weyrich.com KD7HJV http://www.weyrich.com > > ------------------------------------------------------------------- > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-net" in the body of the message > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > =================================================================== IF YOU WANT REFORM >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> VOTE REFORM ------------------------------------------------------------------- Orville R. Weyrich, Jr. Weyrich Computer Consulting mailto:orville@weyrich.com KD7HJV http://www.weyrich.com ------------------------------------------------------------------- Visit our online collection of book reviews: http://www.weyrich.com/book_reviews/ Ask about our world wide web services! ------------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.10.10105210100070.3361-100000>