Date:      Fri, 02 Jul 1999 13:28:27 +0300
From:      Sodah <rsodah@index.com.jo>
To:        FreeBSD-Questions@FreeBSD.org
Subject:   rc.firewall
Message-ID:  <377C944A.FDC8CD7E@index.com.jo>



Greetings,


I need help configuring my ipfw. I am running ppp
to dial up my ISP. My ISP gives me a dynamic IP.

ISP-modem-BSD-Win

BSD = [192.168.0.1] as Gateway
Win = [192.168.0.2]




I did the following to implement a simple firewall:
/etc/rc.conf
firewall_enable="YES"           # Set to YES to enable firewall functionality
firewall_type="simple"          # Firewall type (see /etc/rc.firewall)

I built my own kernel with the following options:
options         IPFIREWALL              #firewall
options         IPFIREWALL_VERBOSE      #print info about pack
options         "IPFIREWALL_VERBOSE_LIMIT=100" #limit verbosity
options         IPFIREWALL_DEFAULT_TO_ACCEPT #allow
options         IPDIVERT                #divert sockets


Now I am trying to set up my firewall rules:
    # set these to your outside interface network and netmask and ip
    oif="tun0"
    onet="A.A.A.A"
    omask="255.255.255.0"
    oip="B.B.B.B"

    # set these to your inside interface network and netmask and ip
    iif="ed1"
    inet="C.C.C.C"
    imask="255.255.255.0"
    iip="192.168.0.1"



This is the output of my routing table when I connected to my ISP:
bash-2.02$ netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags     Refs     Use     Netif Expire
default            212.38.128.20      UGSc        4       20     tun0
127.0.0.1          127.0.0.1          UH          0        0      lo0
192.168            link#1             UC          0        0      ed1
192.168.0.2        0:0:e8:61:2:39     UHLW        2      377      ed1    954
192.168.0.255      ff:ff:ff:ff:ff:ff  UHLWb       2       23      ed1
212.38.128.20      212.38.128.84      UH          4        0     tun0
bash-2.02$

1. What has to be inside /etc/rc.firewall? I want to change the
following IPs, as assigned by my ISP and my subnetwork,
so that it works for me later:
A.A.A.A
B.B.B.B
C.C.C.C

2. Till now I cannot run mIRC on my Win box and can't browse via
Netscape.
I think this is due to my firewall rules setting, or not..?

-Pons


