Date: Fri, 2 Jul 1999 16:17:22 -0400
From: Christopher Michaels <ChrisMic@clientlogic.com>
To: 'Sodah' <rsodah@index.com.jo>, FreeBSD-Questions@FreeBSD.org
Subject: RE: rc.firewall
Message-ID: <6C37EE640B78D2118D2F00A0C90FCB4401105A6F@site2s1>

Are you running ppp -alias?

Also, there is no easy way to do this. The best idea would be to either use
ppp's filtering capability or you would need to have an ipfw script that was
called on each connect, and is passed the current IP on the command line.

-Chris

> -----Original Message-----
> From: Sodah [SMTP:rsodah@index.com.jo]
> Sent: Friday, July 02, 1999 6:28 AM
> To: FreeBSD-Questions@FreeBSD.org
> Subject: rc.firewall
>
> Greetings,
>
> I need help to configure my ipfw. I am running ppp
> to dial up my ISP. My ISP gives me a dyn.ip
>
> ISP-modem-BSD-Win
>
> BSD = [192.168.0.1] as Gateway
> Win = [192.168.0.2]
>
> I did the following to implement a simple firewall:
> /etc/rc.conf
> firewall_enable="YES"   # Set to YES to enable firewall functionality
> firewall_type="simple"  # Firewall type (see /etc/rc.firewall)
>
> I built my own kernel with the following options
> options IPFIREWALL                      #firewall
> options IPFIREWALL_VERBOSE              #print info about pack
> options "IPFIREWALL_VERBOSE_LIMIT=100"  #limit verbosity
> options IPFIREWALL_DEFAULT_TO_ACCEPT    #allow
> options IPDIVERT                        #divert sockets
>
> Now I am trying to set up my firewall rules:
> # set these to your outside interface network and netmask and ip
> oif="tun0"
> onet="A.A.A.A "
> omask="255.255.255.0"
> oip="B.B.B.B"
>
> # set these to your inside interface network and netmask and ip
> iif="ed1"
> inet="C.C.C.C"
> imask="255.255.255.0"
> iip="192.168.0.1"
>
> This is an output of my routing table, when I connected to my ISP
> bash-2.02$ netstat -rn
> Routing tables
>
> Internet:
> Destination        Gateway            Flags     Refs     Use     Netif Expire
> default            212.38.128.20      UGSc        4       20      tun0
> 127.0.0.1          127.0.0.1          UH          0        0       lo0
> 192.168            link#1             UC          0        0       ed1
> 192.168.0.2        0:0:e8:61:2:39     UHLW        2      377       ed1    954
> 192.168.0.255      ff:ff:ff:ff:ff:ff  UHLWb       2       23       ed1
> 212.38.128.20      212.38.128.84      UH          4        0      tun0
> bash-2.02$
>
> 1. What has to be inside the /etc/rc.firewall? I want to change the
> following IPs as assigned by my ISP and my subnetwork
> so that it works for me later:
> A.A.A.A
> B.B.B.B
> C.C.C.C
>
> 2. Till now I cannot run mIRC on my Win box and can't browse via netscape.
> I think due to my firewall rules setting, or not ..?
>
> -Pons
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6C37EE640B78D2118D2F00A0C90FCB4401105A6F>
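
An added example, not part of either message above: one way to write the per-connect ipfw script the reply describes, taking the outside interface and the current IP on the command line. The rule numbers, the small rule set and the `emit` helper are assumptions made for illustration; the inside network is the 192.168.0.x/24 from the question, and the kernel is assumed to default to accept as in the quoted options.

```shell
#!/bin/sh
# Added example: print ipfw commands for the address just assigned by the ISP.
# Usage: sh this-script tun0 <current-ip>     (arguments as the reply suggests)
INET="192.168.0.0/24"   # inside network from the question (192.168.0.x, /24)

# Succeed only for a dotted quad with four octets in 0..255.
is_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# emit N RULE...: replace rule N, so a reconnect with a new address does not
# leave the rule for the previous address behind. On the first connect the
# delete reports a missing rule; that is expected.
emit() {
    n=$1; shift
    echo "ipfw delete $n"
    echo "ipfw add $n $*"
}

# gen_rules OIF OIP: write the commands to stdout, or fail on bad input.
gen_rules() {
    oif=$1; oip=$2
    # This runs as root on values handed over by another program, so refuse
    # anything that is not a plain interface name and an IPv4 address.
    case "$oif" in
        ""|*[!a-z0-9]*) echo "bad interface name" >&2; return 1 ;;
    esac
    is_ipv4 "$oip" || { echo "bad address" >&2; return 1; }
    # Rule numbers 1000-1030 are assumed to be unused by rc.firewall.
    emit 1000 deny all from "$INET" to any in via "$oif"   # spoofed inside source
    emit 1010 deny all from "$oip" to any in via "$oif"    # spoofed own address
    emit 1020 pass tcp from any to any established
    emit 1030 deny log tcp from any to "$oip" in via "$oif" setup
}

if [ $# -eq 2 ]; then
    gen_rules "$1" "$2"
fi
```

The script only prints the commands; review the output and pipe it to `sh` as root to apply it.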