From owner-freebsd-questions Fri Jul 2 3:27:27 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from mail0.index.com.jo (mail0.index.com.jo [212.38.128.13])
    by hub.freebsd.org (Postfix) with ESMTP id 4560714F31
    for ; Fri, 2 Jul 1999 03:27:18 -0700 (PDT)
    (envelope-from rsodah@index.com.jo)
Received: from index.com.jo ([212.38.128.142])
    by mail0.index.com.jo (Netscape Messaging Server 3.62) with ESMTP id 441
    for ; Fri, 2 Jul 1999 12:24:18 +0200
Message-ID: <377C944A.FDC8CD7E@index.com.jo>
Date: Fri, 02 Jul 1999 13:28:27 +0300
From: Sodah
X-Mailer: Mozilla 4.07 [en] (X11; I; FreeBSD 3.0-RELEASE i386)
MIME-Version: 1.0
To: FreeBSD-Questions@FreeBSD.org
Subject: rc.firewall
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Greetings,

I need help to configure my ipfw. I am running ppp to dial up my ISP.
My ISP gives me a dyn.ip

ISP-modem-BSD-Win

BSD = [192.168.0.1] as Gateway
Win = [192.168.0.2]

I did the following to implement a simple Firewall:

/etc/rc.conf

firewall_enable="YES"   # Set to YES to enable firewall functionality
firewall_type="simple"  # Firewall type (see /etc/rc.firewall)

I built my own kernel with the following options:

options IPFIREWALL                      #firewall
options IPFIREWALL_VERBOSE              #print info about pack
options "IPFIREWALL_VERBOSE_LIMIT=100"  #limit verbosity
options IPFIREWALL_DEFAULT_TO_ACCEPT    #allow
options IPDIVERT                        #divert sockets

Now I am trying to set up my firewall rules:

# set these to your outside interface network and netmask and ip
oif="tun0"
onet="A.A.A.A "
omask="255.255.255.0"
oip="B.B.B.B"

# set these to your inside interface network and netmask and ip
iif="ed1"
inet="C.C.C.C"
imask="255.255.255.0"
iip="192.168.0.1"

This is the output of my routing table when I connected to my ISP:

bash-2.02$ netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags     Refs     Use     Netif Expire
default            212.38.128.20      UGSc        4       20      tun0
127.0.0.1          127.0.0.1          UH          0        0       lo0
192.168            link#1             UC          0        0       ed1
192.168.0.2        0:0:e8:61:2:39     UHLW        2      377       ed1    954
192.168.0.255      ff:ff:ff:ff:ff:ff  UHLWb       2       23       ed1
212.38.128.20      212.38.128.84      UH          4        0      tun0
bash-2.02$

1. What has to be inside the /etc/rc.firewall? I want to change the
   following IPs as assigned by my ISP and my subnetwork so that it works
   for me later:

   A.A.A.A
   B.B.B.B
   C.C.C.C

2. Till now I cannot run mIRC on my Win box and can't browse via
   Netscape, I think due to my firewall rules setting, or not ..?

-Pons