From: "James A. Coulter"
Date: Fri, 30 Jul 2004 09:35:31 -0500
Cc: freebsd-questions@freebsd.org
Subject: RE: DHCP and the "SIMPLE" option in /etc/rc.firewall

Thanks - I'm going to give the Stateful + NATD rule set a try.

> -----Original Message-----
> From: owner-freebsd-questions@freebsd.org
> [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of JJB
> Sent: Friday, July 30, 2004 8:20 AM
> To: James A. Coulter; freebsd-questions@freebsd.org
> Subject: RE: DHCP and the "SIMPLE" option in /etc/rc.firewall
>
> The handbook Firewall section has been rewritten.
>
> It's temporarily available from www.a1poweruser.com/FBSD_firewall/
> as the Doc group works to sanitize the English.
> It incorporates the long awaited solution to
> getting ipfw + natd + stateful rules to function together,
> as well as OpenBSD pf firewall which is scheduled to become
> the third built-in firewall software solution delivered with
> the FreeBSD install when 5.x ever makes it to the stable branch.
>
> -----Original Message-----
> From: owner-freebsd-questions@freebsd.org
> [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of
> James A. Coulter
> Sent: Friday, July 30, 2004 8:59 AM
> To: freebsd-questions@freebsd.org
> Subject: DHCP and the "SIMPLE" option in /etc/rc.firewall
>
> I am setting up a firewall for a gateway/router running FreeBSD 4.10.
>
> This is for a small home LAN.
>
> I have already compiled and installed a custom kernel with
> the IPFIREWALL and IPDIVERT options and configured the
> firewall to pass any to any without any problems - now it's
> time to start locking it down.
>
> I would like to use the firewall_type="SIMPLE" option in
> rc.conf. But I'm not sure how I should set up my external
> NIC in /etc/rc.firewall, i.e.:
>
> # set these to your outside interface network and netmask and ip
> oif="ed0"
> onet="192.0.2.0"
> omask="255.255.255.240"
> oip="192.0.2.1"
>
> My outside interface is connected to a cable modem and is
> configured for DHCP.
>
> Without a static IP address for my outside interface, how do
> I set these options?
>
> TIA for your help.
>
> Jim C.
>
> -----------------------------------
> Check it out: The Black Dog Gallery http://polaris.umuc.edu/~jcoulter
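
One way to approach the question in the quoted message, as an added example that is not part of the thread or of FreeBSD's own rc.firewall: a shell function that reads `ifconfig` output for the DHCP-configured outside interface and prints the `oip`, `omask` and `onet` values. The function names are hypothetical, the sample interface text is constructed, and the input is assumed to use FreeBSD's `inet ADDR netmask 0xHEX` line format.

```shell
#!/bin/sh
# Added example (not from the thread): derive the rc.firewall "outside"
# variables from ifconfig text instead of hard-coding them.

# 32-bit integer -> dotted quad
int_to_dotted() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Dotted quad -> 32-bit integer; fails unless the input is four octets 0-255.
dotted_to_int() {
    case $1 in
        *[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do [ "$o" -le 255 ] || return 1; done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Reads "ifconfig <oif>" text on stdin and prints oip=, omask= and onet= lines.
# Returns non-zero when there is no usable IPv4 address (no lease yet), so the
# caller can refuse to load rules built from empty values.
outside_vars() {
    line=$(awk '$1 == "inet" && $3 == "netmask" { print $2, $4; exit }')
    addr=${line% *}
    hexmask=${line#* }
    case $hexmask in
        0x[0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f]) ;;
        *) return 1 ;;
    esac
    ip=$(dotted_to_int "$addr") || return 1
    [ "$ip" -ne 0 ] || return 1    # 0.0.0.0: interface not configured yet
    mask=$(($hexmask))
    echo "oip=\"$addr\""
    echo "omask=\"$(int_to_dotted "$mask")\""
    echo "onet=\"$(int_to_dotted $(( ip & mask )))\""
}

# Constructed sample of FreeBSD "ifconfig ed0" output (documentation addresses).
SAMPLE='ed0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 192.0.2.5 netmask 0xfffffff0 broadcast 192.0.2.15
        ether 00:00:5e:00:53:01'

printf '%s\n' "$SAMPLE" | outside_vars
```

On the gateway the input would come from `ifconfig ed0`; because the values are fixed when the rules load, the rule set has to be reloaded when the DHCP lease changes.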