Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 18 Jan 2000 11:22:27 -0500 (EST)
From:      Omachonu Ogali <oogali@intranova.net>
To:        Brian Gallucci <briang@expnet.net>
Cc:        isp@freebsd.org, freebsd-ipfw@freebsd.org
Subject:   Re: New Firewall
Message-ID:  <Pine.BSF.4.10.10001181116020.131-100000@hydrant.intranova.net>
In-Reply-To: <000901bf6198$df4927e0$095aaed8@expnet.net>

next in thread | previous in thread | raw e-mail | index | archive | help
The following rules can help if you are going to be running SMTP, HTTP,
POP3, and HTTPS, delete what you don't need.

# -- Pass through for already established connections
ipfw add allow tcp from any to any established

# -- SMTP
ipfw add allow tcp from any to x.x.x.x 25

# -- HTTP
ipfw add allow tcp from any to x.x.x.x 80

# -- POP3
ipfw add allow tcp from any to x.x.x.x 110

# -- HTTPS
ipfw add allow tcp from any to x.x.x.x 443

# -- Allow setup of outgoing connections
ipfw add allow tcp from x.x.x.x to any setup

# -- Deny setup of other incoming connections
ipfw add deny tcp from any to any setup

# -- Deny other incoming IP packets.
ipfw add deny ip from any to any

Omachonu Ogali
Intranova Networking Group

On Tue, 18 Jan 2000, Brian Gallucci wrote:

> We are looking at putting up a new firewall at one of our clients sites
> using FreeBSD 3-4. Is there any bugs we should know about with IPFW ? They
> will be
> doing some webhosting and email.
> 
> Thanks
> -Brian
> 
> 
> 
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-isp" in the body of the message
> 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.10001181116020.131-100000>