Date: Thu, 21 Dec 2000 15:02:35 +0200 From: Giorgos Keramidas <keramida@ceid.upatras.gr> To: sefkan <sefkan@tr909.trackstar.org> Cc: questions@FreeBSD.ORG Subject: Re: Help: Firewall w/ dynamic ip Message-ID: <20001221150235.A5931@gray.westgate.gr> In-Reply-To: <Pine.LNX.4.30.0012201802350.8360-100000@tr909.trackstar.org>; from sefkan@tr909.trackstar.org on Wed, Dec 20, 2000 at 06:13:26PM -0800 References: <Pine.LNX.4.30.0012201802350.8360-100000@tr909.trackstar.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Dec 20, 2000 at 06:13:26PM -0800, sefkan wrote:
>
> Hello,
>
> I need some help setting up a basic firewall (using /etc/rc.firewall
> and /etc/rc.conf).
...
> oif="tun0" # tun0 ?
> onet="63.166.51.125" # ?
> omask="255.255.255.240" # ? 255.255.255.0 ?
> oip="216.111.111.5" # what?
I always seem to think that rc.firewall is a nice starting point. It
provides with nice ideas about setting up your own set of rules. But
eventually, you will have to make your own rules.
What you are describing as a `problem' is easily resolved once you write
your own rules, to use `in recv tun0' and `out xmit tun0' instead of using
the IP address.
If you are too reluctant to copy/paste and edit the nice rules of
rc.firewall into a file of your own (which is what I usually recommend to
people who want to actually *learn* how ipfw works), you can always find a
good set of sample files at my home page. The URL for the ipfw section is:
<http://students.ceid.upatras.gr/~keramida/ipfw/>;
Ciao,
Giorgos.
PS: Also note that this question has been answered about a zillion times,
and there are lots of answers in the archives :-)
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001221150235.A5931>