From owner-freebsd-questions  Thu Aug 10 10:10:19 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from 2711.dynacom.net (2711.dynacom.net [206.107.213.3])
	by hub.freebsd.org (Postfix) with ESMTP id DFC4837B957
	for <questions@FreeBSD.ORG>; Thu, 10 Aug 2000 10:10:15 -0700 (PDT)
	(envelope-from kstewart@urx.com)
Received: from urx.com (dsl1-160.dynacom.net [206.159.132.160])
	by 2711.dynacom.net (Build 101 8.9.3/NT-8.9.3) with ESMTP id KAA00027;
	Thu, 10 Aug 2000 10:10:03 -0700
Message-ID: <3992E1EA.AD9C2684@urx.com>
Date: Thu, 10 Aug 2000 10:10:02 -0700
From: Kent Stewart <kstewart@urx.com>
Reply-To: kstewart@urx.com
Organization: Dynacom
X-Mailer: Mozilla 4.74 [en] (Windows NT 5.0; U)
X-Accept-Language: en
MIME-Version: 1.0
To: "Andresen,Jason R." <jandrese@mitre.org>
Cc: hyghlander@mindspring.com, questions@FreeBSD.ORG
Subject: Re: Firewalling for PPP Connections
References: <Springmail.105.965917807.0.73042100@www.springmail.com> <3992C145.345E5EBF@mitre.org>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG



"Andresen,Jason R." wrote:
> 
> hyghlander@mindspring.com wrote:
> >
> > Folks:
> >
> > I've never been the sharpest knife in the drawer, but I was a little > confused about the reference to a network card in > http://www.freebsd.org/tutorials/dialup-firewall/rules.html.   For my > PPP interface, I'm going out via tun0 to a modem on  a serial port.  To > the best of my knowledge there's no network card in the machine.
> 
> Um, if the machine has no network attached to it, why are you setting up
> the box to be a firewall?  A firewall is supposed to sit between the
> internet and your internal network, but you appear to have not internal
> network, so the firewall seems kind of useless.  Are you sure you don't
> just want to configure PPP and not bother with the firewall at all?

I agree but you can still be probed. What I would do is add the line
"nat deny_incoming yes" to your ppp config. User-ppp has changed and
you can see the current sample at
/usr/share/examples/ppp/ppp.conf.sample

Kent

-- 
Kent Stewart
Richland, WA

mailto:kbstew99@hotmail.com
http://kstewart.urx.com/kstewart/index.html
FreeBSD News http://daily.daemonnews.org/

Bomber dropping fire retardant in front of Hanford Wild fire.
http://kstewart.urx.com/kstewart/bomber.jpg


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message