From owner-freebsd-pf@FreeBSD.ORG  Thu Dec  8 11:47:09 2005
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
X-Original-To: freebsd-pf@freebsd.org
Delivered-To: freebsd-pf@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id B0F9116A41F
	for <freebsd-pf@freebsd.org>; Thu,  8 Dec 2005 11:47:09 +0000 (GMT)
	(envelope-from MFranke@evendi.de)
Received: from smtp.kliff.de (smtp.kliff.de [80.239.136.89])
	by mx1.FreeBSD.org (Postfix) with ESMTP id C650543D66
	for <freebsd-pf@freebsd.org>; Thu,  8 Dec 2005 11:47:08 +0000 (GMT)
	(envelope-from MFranke@evendi.de)
X-ClientAddr: 85.183.128.34
Received: from DC-EX-001.evendi.local ([85.183.128.34])
	by smtp.kliff.de (8.11.6/8.11.6) with ESMTP id jB8Bl4V01658
	for <freebsd-pf@freebsd.org>; Thu, 8 Dec 2005 12:47:05 +0100
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
X-MimeOLE: Produced By Microsoft Exchange V6.5
Date: Thu, 8 Dec 2005 12:47:04 +0100
Message-ID: <AE41C3C123D61B45B457F3037275842F1E087D@DC-EX-001.evendi.local>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: Firewall concepts
Thread-Index: AcX77SsVi+HEgvgBTQuNA8asHdHNuQ==
From: "Marcus Franke" <MFranke@evendi.de>
To: <freebsd-pf@freebsd.org>
Subject: Firewall concepts
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: freebsd-pf@freebsd.org
List-Id: "Technical discussion and general questions about packet filter
	\(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Dec 2005 11:47:09 -0000

Hello,

I have two or three machines running with FreeBSD and after last
updates I compiled support for pf into the kernel as I want to
use it.

I have read some documents on the web but am still unsure what to
do as my machines are all just client computers and no gateways.

Would it be necessary to use a firewall on my client? I like the
concept of disabling unused services and even binding them to
interfaces where they belong to and do not expose them to everyone
on the local net by binding them to localhost. Kind of an heretic
question, but I am missing the clue where to start..

regards,
Marcus