Date: Tue, 7 Sep 2004 20:51:24 +1000 (EST) From: Neo-Vortex <root@Neo-Vortex.Ath.Cx> To: brisbanebsd@mac.com Cc: freebsd-security <freebsd-security@freebsd.org> Subject: Re: ipfw2 in 5.2.1 Message-ID: <20040907204931.C39262@Neo-Vortex.Ath.Cx> In-Reply-To: <615788.1094553681580.JavaMail.brisbanebsd@mac.com> References: <615788.1094553681580.JavaMail.brisbanebsd@mac.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 7 Sep 2004 brisbanebsd@mac.com wrote: > hi - this is my first post to this list so go easy on me ! I am trying to find info on using ipfw2 with freebsd 5.2.1 as I have read that it supports MAC address based firewalling. Situation is, I have a small externally managed VPN network, about 12 different subnets all terminating in my office location, and all managed by a tier 1 telco. Problem is, their CPE routers do not have any firewalling capability. I was going to try and place a freebsd box between this external netowrk and my internal network and only allow traffic from know MAC addresses. > > I cannot find a lot of info on google on compiling the kernal for ipfw2, and their is no man page for ipfw2 only ipfw. he he, thats because 5.2.1 uses ipfw2 by default... so yeah, when you enable the firewall in the kernel, its ipfw2 :P easiest way is just run 'kldload ipfw', but yeah, make sure your at the console because it DEFAULTS TO CLOSED! (ie, all communication will stop), and incase you need to quickly unload it, 'kldunload ipfw', you can compile it in the kernel, but yeah, to get started you can just use kldload :P nice and quick :P > If thisis the wrong list can someone please direct me to the right one. Ta. ~Neo-Vortex
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040907204931.C39262>