From owner-freebsd-questions@FreeBSD.ORG  Thu Oct 23 02:17:17 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id D859116A4B3
	for <freebsd-questions@freebsd.org>;
	Thu, 23 Oct 2003 02:17:17 -0700 (PDT)
Received: from stork.mail.pas.earthlink.net (stork.mail.pas.earthlink.net
	[207.217.120.188])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 2B4A943F3F
	for <freebsd-questions@freebsd.org>;
	Thu, 23 Oct 2003 02:17:17 -0700 (PDT)
	(envelope-from richardcoleman@mindspring.com)
Received: from adsl-068-213-016-023.sip.asm.bellsouth.net ([68.213.16.23]
	helo=mindspring.com)
	by stork.mail.pas.earthlink.net with asmtp (Exim 3.33 #1)
	id 1ACbak-0002vJ-00; Thu, 23 Oct 2003 02:17:15 -0700
Message-ID: <3F979C9C.8030105@mindspring.com>
Date: Thu, 23 Oct 2003 05:17:16 -0400
From: Richard Coleman <richardcoleman@mindspring.com>
Organization: Critical Magic, Inc.
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
	rv:1.4.1) Gecko/20031008
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Mihail <hej@hot.ee>
References: <20031022132848.F3E64F49@portal.hot.ee>
In-Reply-To: <20031022132848.F3E64F49@portal.hot.ee>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
X-ELNK-Trace: 1ee258965991efcb0865379cdb43356e5e89bb4777695beb702e37df12b9c9eff5ce16b33384a75a0ae44e2703ba304d350badd9bab72f9c350badd9bab72f9c
cc: freebsd-questions@freebsd.org
Subject: Re: Firewall rules
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: richardcoleman@mindspring.com
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 23 Oct 2003 09:17:18 -0000

Do a quick google search on "building freebsd firewall".  I was building 
a FreeBSD firewall this week, and several of these sites were very 
helpful.  There are sites for both ipfilter and ipfw.  So, take your 
pick.  I'm using ipfilter, but either firewall method will be sufficient 
for most people.

Richard Coleman
richardcoleman@mindspring.com

Mihail wrote:
> Hello,
> 
> I'm trying to set up a firewall with ipfw by using the client
> firewall type given in rc.firewall as an example. My problem
> is that the client rules don't allow me to do common
> web-browsing. What should I add to the script to
> resolve this without seriously compromising security?
> 
> cheers,
> Mihail