Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 24 Jan 2001 18:35:50 -0500
From:      "John Telford" <j.telford@sympatico.ca>
To:        "Pete Fritchman" <petef@databits.net>, <freebsd-questions@freebsd.org>
Subject:   Re: IPFW modify the "simple" rule set 4.2 to allow ...
Message-ID:  <000c01c0865e$62a9b1f0$b121e540@johnny2k>
References:  <000a01c08606$9041efe0$2823e540@johnny2k> <20010124104631.B4887@databits.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
Sorry, it does belong in -questions.
The WWW server is a separate box behind the firewall with a public IP #
redirected to it's private IP #.
Regards, John.
----- Original Message -----
From: "Pete Fritchman" <petef@databits.net>
To: "John Telford" <j.telford@sympatico.ca>
Cc: <freebsd-security@freebsd.org>
Sent: Wednesday, January 24, 2001 10:46 AM
Subject: Re: IPFW modify the "simple" rule set 4.2 to allow ...


> [ freebsd-net removed ]
>
> ++ 24/01/01 08:07 -0500 - John Telford:
> >I'd like to get the settings in the right place so I'm asking the
experts. Freebsd 4.2 release with firewall type set to "simple".
> >It works but I'd like to allow 2 things through.
> >SSH connections from the public side to the firewall.
>
> You'll need to modify /etc/rc.firewall.  Look through until you see
something
> like:
>
> [Ss][Ii][Mm][Pp][Ll][Ee])
>         ############
>         # This is a prototype setup for a simple firewall.  Configure this
>         # machine as a named server and ntp server, and point all the
machines
>         # on the inside at this machine for those services.
>         ############
>
> Scroll down and before the command that says "Reject&Log all setup of
incoming
> connections ...", add:
>
> # Allow access to SSH
> ${fwcmd} add pass tcp from any to ${oip} 22 setup
>
> >Connections to a Web server on the inside.
>
> I'm not quite sure what you mean - do you have a webserver on another
port?
> WWW is already allowed through in the simple firewall type.
>
> >
> >Thanks in advance. John.
>
> -pete
>
> --
> Pete Fritchman <petef@databits.net>
> Databits Network Services, Inc. <http://databits.net>;
>



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?000c01c0865e$62a9b1f0$b121e540>