From owner-freebsd-questions@FreeBSD.ORG  Sun Feb 20 18:36:07 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 7F88616A4CE
	for <freebsd-questions@freebsd.org>;
	Sun, 20 Feb 2005 18:36:07 +0000 (GMT)
Received: from mail.gmx.net (pop.gmx.de [213.165.64.20])
	by mx1.FreeBSD.org (Postfix) with SMTP id 6653143D41
	for <freebsd-questions@freebsd.org>;
	Sun, 20 Feb 2005 18:36:06 +0000 (GMT)	(envelope-from barner@gmx.de)
Received: (qmail invoked by alias); 20 Feb 2005 18:36:05 -0000
Received: from unknown (EHLO zi025.glhnet.mhn.de) (129.187.19.157)
  by mail.gmx.net (mp015) with SMTP; 20 Feb 2005 19:36:05 +0100
X-Authenticated: #147403
Received: by zi025.glhnet.mhn.de (Postfix, from userid 1000)
	id DB872C282; Sun, 20 Feb 2005 19:36:24 +0100 (CET)
Date: Sun, 20 Feb 2005 19:36:24 +0100
From: Simon Barner <barner@gmx.de>
To: SigmaX <scottclansman@cwazy.co.uk>
Message-ID: <20050220183624.GG51280@zi025.glhnet.mhn.de>
References: <421A21F4.1050509@cwazy.co.uk>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="hTiIB9CRvBOLTyqY"
Content-Disposition: inline
In-Reply-To: <421A21F4.1050509@cwazy.co.uk>
User-Agent: Mutt/1.5.8i
X-Y-GMX-Trusted: 0
cc: freebsd-questions@freebsd.org
Subject: Re: IPFW config
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 20 Feb 2005 18:36:07 -0000


--hTiIB9CRvBOLTyqY
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

> Set IPFW to allow traffic on ports 80, 10000, and 23 (That's the default=
=20
> SSH port, right?)

Nope, it's 22.

> Then start IPFW with the kernel module (I know how to do this)

Have you already read
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-ipfw.ht=
ml?

It describes how to enable ipfw in rc.conf, and how to specify a
firewall script that loads the rules during the boot process.

Suppose, your fw script is /etc/ipfw.rules. Then the following should
(no warranty, of course ;-) load your rules without a reboot:

# kldload ipfw.ko && sh /etc/ipfw.rules

Simon

--hTiIB9CRvBOLTyqY
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (FreeBSD)

iD8DBQFCGNioCkn+/eutqCoRAqcLAKCKbqciZbYfXIKv/gC9Sz5HoWSPgQCgsX9w
3tHHhCnEGN4ntAZVZ8mdGTI=
=X5z6
-----END PGP SIGNATURE-----

--hTiIB9CRvBOLTyqY--