From owner-freebsd-questions@FreeBSD.ORG  Sat Jan 29 22:05:01 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 74BAE16A4CE
	for <freebsd-questions@freebsd.org>;
	Sat, 29 Jan 2005 22:05:01 +0000 (GMT)
Received: from wproxy.gmail.com (wproxy.gmail.com [64.233.184.203])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 1305443D45
	for <freebsd-questions@freebsd.org>;
	Sat, 29 Jan 2005 22:05:01 +0000 (GMT)
	(envelope-from pergesu@gmail.com)
Received: by wproxy.gmail.com with SMTP id 58so35011wri
	for <freebsd-questions@freebsd.org>;
	Sat, 29 Jan 2005 14:05:00 -0800 (PST)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
	s=beta; d=gmail.com;
	h=received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:references;
	b=XAFjLhT1Mimv5FlJ77qbwVBsCiqDjltg5SeCq99hDUFs9dutk/Hdi+m8ejic//uj3gAlKbtdHM0RYmgmApDRM72MI28drz0wczo10qDOZ5WoAvVagQYjc2z2ju+jM6Hi+o3elE2452vnpxD8X64Zkr4XiChBTTglib8l8EDRTRw=
Received: by 10.54.47.19 with SMTP id u19mr59064wru;
        Sat, 29 Jan 2005 14:04:54 -0800 (PST)
Received: by 10.54.42.47 with HTTP; Sat, 29 Jan 2005 14:03:08 -0800 (PST)
Message-ID: <810a540e05012914031e5239fa@mail.gmail.com>
Date: Sat, 29 Jan 2005 15:03:08 -0700
From: Pat Maddox <pergesu@gmail.com>
To: freebsd-questions@freebsd.org
In-Reply-To: <20050129215051.GA28318@akroteq.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
References: <20050129215051.GA28318@akroteq.com>
Subject: Re: 2 quick firewall questions for FreBSD
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: Pat Maddox <pergesu@gmail.com>
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 29 Jan 2005 22:05:01 -0000

Having a firewall prevents rogue programs from opening up other ports
on your machine.  You have to worry about services you don't install
and configure just as much (maybe even more so) as the services you do
install.


On Sat, 29 Jan 2005 12:50:51 -0900, Andy Firman <andy@firman.us> wrote:
> 
> First, if one were to deploy FreeBSD 5.3 as a standard
> web and email server, would it need a firewall?
> I don't see the point because only ports like 25 for
> smtp, 110 for pop, 80 for http, etc... will be listening
> and open for connections with or without a firewall.
> 
> Second, I would like to replace my Linux gateway running
> Shorewall.  Shorewall is a nice package for managing the
> netfilter firewall capabilities of the Linux kernel.
> Is there something similar for FreeBSD?
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
>