From owner-freebsd-questions  Sun Jul  5 19:27:01 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id TAA13969
          for freebsd-questions-outgoing; Sun, 5 Jul 1998 19:27:01 -0700 (PDT)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from cyclops.xtra.co.nz (cyclops.xtra.co.nz [202.27.184.96])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id TAA13961
          for <freebsd-questions@freebsd.org>; Sun, 5 Jul 1998 19:26:58 -0700 (PDT)
          (envelope-from dvlsoft@mail.actrix.gen.nz)
Received: from wocker (210-55-210-87.ipnets.xtra.co.nz [210.55.210.87])
	by cyclops.xtra.co.nz (8.8.8/8.8.8) with SMTP id OAA25536
	for <freebsd-questions@freebsd.org>; Mon, 6 Jul 1998 14:26:17 +1200 (NZST)
Message-Id: <199807060226.OAA25536@cyclops.xtra.co.nz>
From: "Dan Langille" <dan.langille@dvl-software.com>
Organization: DVL Software Limited
To: freebsd-questions@FreeBSD.ORG
Date: Mon, 6 Jul 1998 14:26:19 +1200
MIME-Version: 1.0
Content-type: text/plain; charset=US-ASCII
Content-transfer-encoding: 7BIT
Subject: using IPFW as a firewall
Reply-to: junkmale@xtra.co.nz
X-mailer: Pegasus Mail for Win32 (v3.01a)
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

I've started playing around with IPFW in order to boost up the protection
around my home network.  I've seen some recommendations as to what to
filter out, but I haven't seen many explicit examples of what rules will
make up a nice simple firewall.

My home net consists of the freebd box and two NT boxes.  The freebsd box
is acting as a firewall.  My goal is allow my NT boxes unhindered access
to the home net and to the Internet but prevent everything else from
coming in.  What I don't know is what to block.  And how to do it.  I've
been through the examples found on the freebsd website and through stuff
I've found with search engines.  Mostly, I wind up blocking something I
shouldn't and things stop working.  I've started looking at /etc/services
for an indication of what's necessary for my goals.  I'd like some
guidance.


--
Dan Langille
DVL Software Limited
http://www.dvl-software.com : for race timing solutions

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message