From owner-freebsd-newbies  Sat Jul  4 22:24:15 1998
Return-Path: <owner-freebsd-newbies@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id WAA22625
          for freebsd-newbies-outgoing; Sat, 4 Jul 1998 22:24:15 -0700 (PDT)
          (envelope-from owner-freebsd-newbies@FreeBSD.ORG)
Received: from cyclops.xtra.co.nz (cyclops.xtra.co.nz [202.27.184.96])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id WAA22613
          for <freebsd-newbies@FreeBSD.ORG>; Sat, 4 Jul 1998 22:24:11 -0700 (PDT)
          (envelope-from junkmale@pop3.xtra.co.nz)
Received: from wocker (210-55-210-87.ipnets.xtra.co.nz [210.55.210.87])
	by cyclops.xtra.co.nz (8.8.8/8.8.8) with SMTP id RAA27857
	for <freebsd-newbies@FreeBSD.ORG>; Sun, 5 Jul 1998 17:23:42 +1200 (NZST)
Message-Id: <199807050523.RAA27857@cyclops.xtra.co.nz>
From: "Dan Langille" <junkmale@xtra.co.nz>
Organization: DVL Software Limited
To: freebsd-newbies@FreeBSD.ORG
Date: Sun, 5 Jul 1998 17:24:17 +1300
MIME-Version: 1.0
Content-type: text/plain; charset=US-ASCII
Content-transfer-encoding: 7BIT
Subject: using IPFW as a firewall
Reply-to: junkmale@xtra.co.nz
X-mailer: Pegasus Mail for Win32 (v3.01a)
Sender: owner-freebsd-newbies@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

I've started playing around with IPFW in order to boost up the protection around my 
home network.  I've seen some recommendations as to what to filter out, but I haven't 
seen many explicit examples of what rules will make up a nice simple firewall.

My home net consists of the freebd box and two NT boxes.  The freebsd box is 
acting as a firewall.  My goal is allow my NT boxes unhindered access to the home 
net and to the Internet but prevent everything else from coming in.  What I don't know 
is what to block.  And how to do it.  I've been through the examples found on the 
freebsd website and through stuff I've found with search engines.  Mostly, I wind up 
blocking something I shouldn't and things stop working.  I've started looking at 
/etc/services for an indication of what's necessary for my goals.  I'd like some 
guidance.


--
Dan Langille
DVL Software Limited
http://www.dvl-software.com : for race timing solutions

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-newbies" in the body of the message