From owner-freebsd-questions@FreeBSD.ORG  Mon Feb  2 04:45:26 2004
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 4F8A816A4CE
	for <freebsd-questions@FreeBSD.ORG>;
	Mon,  2 Feb 2004 04:45:26 -0800 (PST)
Received: from gco.apana.org.au (gco.apana.org.au [202.12.88.138])
	by mx1.FreeBSD.org (Postfix) with ESMTP id D764943D45
	for <freebsd-questions@FreeBSD.ORG>;
	Mon,  2 Feb 2004 04:45:23 -0800 (PST)
	(envelope-from dwamenae@gco.apana.org.au)
Received: from ed.edsystems.com.au (dialup3.gco.apana.org.au [202.12.88.147])
	by gco.apana.org.au (8.11.6/8.11.6) with ESMTP id i12Co6a16949
	for <freebsd-questions@FreeBSD.ORG>; Mon, 2 Feb 2004 23:50:07 +1100
From: Emmanuel Dwamena <dwamenae@gco.apana.org.au>
Organization: ED Systems Pty Ltd
To: freebsd-questions@FreeBSD.ORG
Date: Mon, 2 Feb 2004 23:44:35 +1100
User-Agent: KMail/1.5.2
MIME-Version: 1.0
Content-Type: text/plain;
  charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200402022344.36084.dwamenae@gco.apana.org.au>
Subject: Re: Which interface do I put natd and ipfw 
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: dwamenae@gco.apana.org.au
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 02 Feb 2004 12:45:26 -0000

Dear friends,
I need help to set up firewall on my freebsd 5.1 box. I have built new kernel 
with ipfw enabled and is working fine.
I need to know which of the 3 interfaces do I put the natd and ipfw. 
My freebsd 5.1 box has 2 nic cards. ed0 connects to LAN and ed1 connects to 
adsl modem. I use user ppp to setup the connection to the isp who assigns 
dynamic ip address to the tun0 interface. I have no ip address assigned to 
ed1. I have traffc coming in through the tun0 from outside  to the LAN. Which 
of the interfaces do I use to block unwanted traffic from the internet.- ed1 
or tun0? How do I configure the tun0 interface for the firewall since I do 
not know the interface address before hand? Secondly which interface do I 
place natd? 
If anyone has configured adsl with dynamic ip address assigned to tun0 I will 
like to have some info about how it was configured with ipfw.
regds
ed
-- 
email: dwamenae@gco.apana.org.au