Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 19 Jun 2001 09:15:11 +0200
From:      Neil Fryer <neilf@mip.co.za>
To:        "default013 - subscriptions" <default013subscriptions@hotmail.com>, "default013 - subscriptions" <default013subscriptions@hotmail.com>, <freebsd-security@FreeBSD.ORG>
Subject:   Re: IPFW newbie
Message-ID:  <0106190918132R.00481@xyberpix.mip.co.za>
In-Reply-To: <OE34va7DYaOqlOQq2vX00002c3c@hotmail.com>
References:  <OE34va7DYaOqlOQq2vX00002c3c@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
'ello again

Ok, if you have a look at LINT, there's something in there that says add an
entry to rc.conf, something along the lines of FIREWALL_TYPE=open, or something
like that, and then when you reboot you'll be allowed access. You can then just
remove this option when all your rules are in place.

Alternatively, you could write some rules to allow you to ssh into your box,
and save them in a script, and then in /etc/defaults/rc.conf, set the file for
ipfw to read, and then voila!

Cheers
Neil Fryer
neilf@mip.co.za


On Tue, 19 Jun 2001, default013 - subscriptions wrote:
> Hi,
> 
> I'm about to compile IPFW into the kernel for the first time... and just had
> a quick question... also, if anyone has any tips I would appreciate it.
> (this is going to be used on a webserver that runs everything from apache to
> shoutcast...)
> 
> I am going to compile it in using this option:
> options IPFIREWALL_VERBOSE_LIMIT=10
> 
> My question is, I connect to my box using an SSH session. The default for
> IPFW is not to accept connections correct? So after my machine reboots with
> these new rules in place, will I have to set the IPFW rules in place so that
> I can once again open an SSH session to it again? Or how does that work...
> 
> Thanks
> 
> Jordan
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
-- 
"Against stupidity, even the Gods struggle in vain."
					- Friedrich von Schiller

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?0106190918132R.00481>