Date: Tue, 19 Jun 2001 09:15:11 +0200 From: Neil Fryer <neilf@mip.co.za> To: "default013 - subscriptions" <default013subscriptions@hotmail.com>, "default013 - subscriptions" <default013subscriptions@hotmail.com>, <freebsd-security@FreeBSD.ORG> Subject: Re: IPFW newbie Message-ID: <0106190918132R.00481@xyberpix.mip.co.za> In-Reply-To: <OE34va7DYaOqlOQq2vX00002c3c@hotmail.com> References: <OE34va7DYaOqlOQq2vX00002c3c@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
'ello again Ok, if you have a look at LINT, there's something in there that says add an entry to rc.conf, something along the lines of FIREWALL_TYPE=open, or something like that, and then when you reboot you'll be allowed access. You can then just remove this option when all your rules are in place. Alternatively, you could write some rules to allow you to ssh into your box, and save them in a script, and then in /etc/defaults/rc.conf, set the file for ipfw to read, and then voila! Cheers Neil Fryer neilf@mip.co.za On Tue, 19 Jun 2001, default013 - subscriptions wrote: > Hi, > > I'm about to compile IPFW into the kernel for the first time... and just had > a quick question... also, if anyone has any tips I would appreciate it. > (this is going to be used on a webserver that runs everything from apache to > shoutcast...) > > I am going to compile it in using this option: > options IPFIREWALL_VERBOSE_LIMIT=10 > > My question is, I connect to my box using an SSH session. The default for > IPFW is not to accept connections correct? So after my machine reboots with > these new rules in place, will I have to set the IPFW rules in place so that > I can once again open an SSH session to it again? Or how does that work... > > Thanks > > Jordan > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message -- "Against stupidity, even the Gods struggle in vain." - Friedrich von Schiller To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?0106190918132R.00481>