From owner-freebsd-isp Tue Nov 26 18:13:54 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4654E37B401 for ; Tue, 26 Nov 2002 18:13:52 -0800 (PST) Received: from proverbs.outreachnetworks.com (proverbs.outreachnetworks.com [65.196.249.4]) by mx1.FreeBSD.org (Postfix) with SMTP id 7BC3943EB2 for ; Tue, 26 Nov 2002 18:13:51 -0800 (PST) (envelope-from elh@outreachnetworks.com) Received: (qmail 97136 invoked from network); 27 Nov 2002 02:13:50 -0000 Received: from adsl-66-73-187-215.dsl.sfldmi.ameritech.net (HELO preacher.outreachnetworks.com) (66.73.187.215) by proverbs.outreachnetworks.com with SMTP; 27 Nov 2002 02:13:50 -0000 Received: (qmail 999 invoked by uid 1000); 27 Nov 2002 02:13:49 -0000 Date: Tue, 26 Nov 2002 21:13:49 -0500 From: "Eric L. Howard" To: freebsd-isp@FreeBSD.ORG Subject: Re: ipfilter & webserver Message-ID: <20021127021349.GB936@outreachnetworks.com> Mail-Followup-To: freebsd-isp@FreeBSD.ORG References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4i X-Favorite-Scripture: Romans 8:18 X-Theocratic-Rule-Advocate: http://www.crossmovement.com X-Registered-Secret-Agent: Agent Double-Naught Seven X-Operating-System: Linux 2.4.18-bf2.4 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org At a certain time, now past, Arie J. Gerszt spake thusly: > hi everybody > > i am looking for a sample configuration for ipfilter running on a web, ssh, > ftp > server. the server should be fairly open. i'd like to limit the connection > in- > bound into ssh and filter some icmp types (which one are suggested?) Did you start @ /usr/share/examples/ipfilter ? bash-2.05a$ ls /usr/share/examples/ipfilter/* /usr/share/examples/ipfilter/BASIC.NAT /usr/share/examples/ipfilter/BASIC_1.FW /usr/share/examples/ipfilter/BASIC_2.FW /usr/share/examples/ipfilter/README /usr/share/examples/ipfilter/example.1 /usr/share/examples/ipfilter/example.10 /usr/share/examples/ipfilter/example.11 /usr/share/examples/ipfilter/example.12 /usr/share/examples/ipfilter/example.13 /usr/share/examples/ipfilter/example.14 /usr/share/examples/ipfilter/example.2 /usr/share/examples/ipfilter/example.3 /usr/share/examples/ipfilter/example.4 /usr/share/examples/ipfilter/example.5 /usr/share/examples/ipfilter/example.6 /usr/share/examples/ipfilter/example.7 /usr/share/examples/ipfilter/example.8 /usr/share/examples/ipfilter/example.9 /usr/share/examples/ipfilter/example.sr /usr/share/examples/ipfilter/examples.txt /usr/share/examples/ipfilter/firewall /usr/share/examples/ipfilter/firewall.1 /usr/share/examples/ipfilter/firewall.2 /usr/share/examples/ipfilter/ftp-proxy /usr/share/examples/ipfilter/ftppxy /usr/share/examples/ipfilter/ipf-howto.txt /usr/share/examples/ipfilter/ipf.conf.permissive /usr/share/examples/ipfilter/ipf.conf.restrictive /usr/share/examples/ipfilter/ipf.conf.sample /usr/share/examples/ipfilter/ipnat.conf.sample /usr/share/examples/ipfilter/nat-setup /usr/share/examples/ipfilter/nat.eg /usr/share/examples/ipfilter/rules.txt /usr/share/examples/ipfilter/server /usr/share/examples/ipfilter/tcpstate ~elh -- Eric L. Howard e l h @ o u t r e a c h n e t w o r k s . c o m ------------------------------------------------------------------------ www.OutreachNetworks.com 313.297.9900 ------------------------------------------------------------------------ JabberID: elh@jabber.org Advocate of the Theocratic Rule To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message