From owner-freebsd-questions Sat Apr 22 7: 9:56 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from mail.jet2.net (huskie.jet2.net [216.221.72.2])
    by hub.freebsd.org (Postfix) with ESMTP id 6782437B7C0
    for ; Sat, 22 Apr 2000 07:09:47 -0700 (PDT)
    (envelope-from unix_usr@jet2.net)
Received: from jet2.net (dyn-74.93.jet2.net [216.221.74.93])
    by mail.jet2.net (8.9.3/8.9.3) with ESMTP id KAA25500;
    Sat, 22 Apr 2000 10:08:53 -0400 (EDT)
Message-ID: <3901C473.D1D66E28@jet2.net>
Date: Sat, 22 Apr 2000 11:25:39 -0400
From: "James M. Vidican"
Reply-To: webmaster@wmptl.com
X-Mailer: Mozilla 4.72 [en] (X11; I; Linux 2.2.12 i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Aaron Birenboim , freebsd-questions@freebsd.org
Subject: Re: firewall design
References: <38FF8B91.6F23DABF@aptec.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Your best bet would probably be IRC. Try http://www.defcon1.org, they
used to have some pretty comprehensive guides to setting up ipfw/natd.
It will most likely be easier for you when you start using natd
translation to allow inside access to outside.

Nathan Vidican
webmaster@wmptl.com

Aaron Birenboim wrote:

> I have a great many questions about firewalling, by ipfw.
> Far too many to ask.
>
> I have one working, but am often forced to punch holes
> in it to get FTP clients working, ping (ICMP), etc.
>
> Where can I find writings on how to build a USEFUL
> firewall from FreeBSD?
> I'm having a hard time setting it up to allow what I want
> to allow through, nothing more, nothing less.
> Does the O'Reilly book cover examples pertinent to FreeBSD?
> Does anybody have a FBSD firewall DESIGN FAQ or www site?
> I know the usage of the ipfw command, I just run into problems
> with things like ftp servers trying to make data sockets back
> to my network... is there a way to allow them in for that?
> It will only get harder when I get NAT running...
> --
> Aaron Birenboim         | Cell: (505) 350-1996 | Office: (505) 853-6866
> ATA, ABQ NM             | bug_aaron@aptec.com  | perl is the duct-tape
> aaron@aptec.com         | FAX: (505) 768-1379  | of software.
> www.aptec.com/~birenboi | Main Office 247-8371 | - Grady Booch
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message