Date: Wed, 29 Nov 2000 12:26:49 -0600 From: "Matt Bettinger" <mattb@finsyn.com> To: <questions@FreeBSD.ORG> Subject: ipfw relies on ipfilter? Message-ID: <71F816A89AA9D3119F4C00D0B7094EFC206322@FIN_SYN> In-Reply-To: <71F816A89AA9D3119F4C00D0B7094EFC247221@FIN_SYN>
index | next in thread | previous in thread | raw e-mail
Hello,
I need some clarification about this IPf and ipfw. I keep getting mixed
information it seems like the more i read the more confused i get. I have
had people try and help me and all i get are discrepancies. People tell me
there are good manuals out there but they just confuse me more. Take this
one for example off of securify.com...
How to build a BSD firewall using ipfilter. Covers everything from kernel
config to allowing
traffic. Homepage here. By Larry W. Cashdollar
Larry W. Cashdollar
11/12/99 Rev 1.0
Setting up a FreeBSD firewall
using ipfw. <<----- i thought we were
doing IPFilter?
1) You will need to add some options to your kernel config in order to
proceed. If you have never rebuilt your kernel please refer to the
FreeBSD documentation at www.freebsd.org for more information.
2) Add the following options to your kernel config file
options IPFIREWALL #firewall <<<<<------ options for
IPFW and IPFilter
options IPFIREWALL_VERBOSE #print information about
options IPFILTER #kernel ipfilter support
<<<<------- eh?????
options IPFILTER_LOG #ipfilter logging
#options IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by default
i'm at a total loss here. I guess i just need a breather... I been at this
for a week now. I looked at the manual from freebsd.org dialup firewall, i
followed that exactly with the exception of changing my interface to ppp0.
I am on a dialup 56k modem ppp0, cuaa0, user ppp. I am having the
hardest time for some reason just trying to get something that works.
Please dont point me to the list serve archives i have looked there and
really don't see much about the actual rules.
I guess first of all I'm confused as to which one to use, right now i
really don't see that much of a difference so i guess i'll use IPFilter. I
don't need any crazy rulesets as this is just a dialup i would like to
return RST for port 113. Again i am on a dilaup connection i don't
understand if i should be using natd or what have you. Do i need to be
using natd ? Someone was helping me and told me to add dummynet and
bridging and all these things that are over my head, and don't appear
necessary with this simple lame-o dialup.... help?
Matt
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?71F816A89AA9D3119F4C00D0B7094EFC206322>