Date: Thu, 10 Aug 2000 10:10:02 -0700 From: Kent Stewart <kstewart@urx.com> To: "Andresen,Jason R." <jandrese@mitre.org> Cc: hyghlander@mindspring.com, questions@FreeBSD.ORG Subject: Re: Firewalling for PPP Connections Message-ID: <3992E1EA.AD9C2684@urx.com> References: <Springmail.105.965917807.0.73042100@www.springmail.com> <3992C145.345E5EBF@mitre.org>
next in thread | previous in thread | raw e-mail | index | archive | help
"Andresen,Jason R." wrote: > > hyghlander@mindspring.com wrote: > > > > Folks: > > > > I've never been the sharpest knife in the drawer, but I was a little > confused about the reference to a network card in > http://www.freebsd.org/tutorials/dialup-firewall/rules.html. For my > PPP interface, I'm going out via tun0 to a modem on a serial port. To > the best of my knowledge there's no network card in the machine. > > Um, if the machine has no network attached to it, why are you setting up > the box to be a firewall? A firewall is supposed to sit between the > internet and your internal network, but you appear to have not internal > network, so the firewall seems kind of useless. Are you sure you don't > just want to configure PPP and not bother with the firewall at all? I agree but you can still be probed. What I would do is add the line "nat deny_incoming yes" to your ppp config. User-ppp has changed and you can see the current sample at /usr/share/examples/ppp/ppp.conf.sample Kent -- Kent Stewart Richland, WA mailto:kbstew99@hotmail.com http://kstewart.urx.com/kstewart/index.html FreeBSD News http://daily.daemonnews.org/ Bomber dropping fire retardant in front of Hanford Wild fire. http://kstewart.urx.com/kstewart/bomber.jpg To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3992E1EA.AD9C2684>