Date: Wed, 08 May 2002 14:46:12 -0400
From: Sam Drinkard <sam@wa4phy.net>
To: freebsd-security@freebsd.org
Subject: Stock rc.firewall
Message-ID: <3CD97274.4B62D938@vortex.wa4phy.net>

Hello all,
    I may be trying too hard to close stuff off, but I've read so much
that I'm pretty confused now, and would appreciate some pointers, or
examples.  Situation:
    In setting up the "simple" mode firewall, I find that works quite
well -- too well in fact, that it also kills all connectivity to the
internal windoze box via samba.  Can't ping it nor can it ping the bsd
machine.  I added a rule, "add pass ip from 192.168.100.5 to any via
any", which permits tcp to function, but again, samba is dead because of
the port 137 blocking.  The services I currently need are the ntalkd,
and pop3 ports as defined by inetd.conf, port 80, and the other "normal"
services ports, i.e., ntp, dns, ssh, etc.
    I have tried several different ideas, but every time, something
breaks something else, and the things I've been reading don't really
help much, including the docs on security, ipfw, and web-docs.  I'd sure
appreciate it if someone could lend a hand here..  and if it will help,
here's the basic configuration.
FreeBSD connected to cable, feeding a single windoze machine at
192.168.100.5.  So it's a pretty simple network at this point.  My linux
machine is currently off-line because of a hardware problem, but is also
a 192.168 address.
    If I use the "open" version of the rc.firewall, of course,
everything works just great with natd, but that's got to change.
TIA...
Sam
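
One way to scope the pass rule quoted in the message so that Samba works on the LAN while NetBIOS stays closed on the cable side, as an added example that is not part of the original e-mail. The interface names fxp0/fxp1 and the 255.255.255.0 netmask are assumptions; only 192.168.100.5 comes from the message.

```sh
#!/bin/sh
# Added example, not part of the original message. Dry run by default:
# rules are printed, not loaded. Set fwcmd="/sbin/ipfw -q" to load them.
fwcmd="${fwcmd:-echo ipfw -q}"
oif="${oif:-fxp0}"               # assumed outside (cable) interface
iif="${iif:-fxp1}"               # assumed inside (LAN) interface
inet="${inet:-192.168.100.0}"    # LAN network, inferred from 192.168.100.5
imask="${imask:-255.255.255.0}"  # assumed netmask

# The rule quoted in the message: it matches on source address alone, on
# every interface, so unless an earlier rule drops it, a packet arriving on
# the outside interface with a forged 192.168.100.5 source is passed too.
broad_rule() {
    ${fwcmd} add pass ip from 192.168.100.5 to any via any
}

# Scoped alternative: trust LAN addresses only on the inside interface,
# and keep NetBIOS (137-139) closed on the outside one.
lan_rules() {
    # Drop packets claiming a LAN source that arrive from the outside.
    ${fwcmd} add deny all from "${inet}:${imask}" to any in via "${oif}"
    # NetBIOS name, datagram and session services never cross the outside.
    ${fwcmd} add deny tcp from any to any 137-139 via "${oif}"
    ${fwcmd} add deny udp from any to any 137-139 via "${oif}"
    # LAN hosts to anything, only when received on the inside interface.
    ${fwcmd} add pass all from "${inet}:${imask}" to any in via "${iif}"
    # Traffic (including Samba replies) leaving toward the LAN.
    ${fwcmd} add pass all from any to "${inet}:${imask}" out via "${iif}"
}

lan_rules
```

ipfw stops at the first matching rule, so these lines have to come before the ruleset's general deny rules to have any effect.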
