From owner-freebsd-ipfw Tue Jan 18 8:25:27 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from intranova.net (blacklisted.intranova.net [209.3.31.70]) by hub.freebsd.org (Postfix) with SMTP id F02BA14E4F for ; Tue, 18 Jan 2000 08:25:20 -0800 (PST) (envelope-from oogali@intranova.net) Received: (qmail 10008 invoked from network); 18 Jan 2000 11:27:31 -0000 Received: from hydrant.intranova.net (user6378@209.201.95.10) by blacklisted.intranova.net with SMTP; 18 Jan 2000 11:27:31 -0000 Date: Tue, 18 Jan 2000 11:22:27 -0500 (EST) From: Omachonu Ogali To: Brian Gallucci Cc: isp@freebsd.org, freebsd-ipfw@freebsd.org Subject: Re: New Firewall In-Reply-To: <000901bf6198$df4927e0$095aaed8@expnet.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG The following rules can help if you are going to be running SMTP, HTTP, POP3, and HTTPS, delete what you don't need. # -- Pass through for already established connections ipfw add allow tcp from any to any established # -- SMTP ipfw add allow tcp from any to x.x.x.x 25 # -- HTTP ipfw add allow tcp from any to x.x.x.x 80 # -- POP3 ipfw add allow tcp from any to x.x.x.x 110 # -- HTTPS ipfw add allow tcp from any to x.x.x.x 443 # -- Allow setup of outgoing connections ipfw add allow tcp from x.x.x.x to any setup # -- Deny setup of other incoming connections ipfw add deny tcp from any to any setup # -- Deny other incoming IP packets. ipfw add deny ip from any to any Omachonu Ogali Intranova Networking Group On Tue, 18 Jan 2000, Brian Gallucci wrote: > We are looking at putting up a new firewall at one of our clients sites > using FreeBSD 3-4. Is there any bugs we should know about with IPFW ? They > will be > doing some webhosting and email. > > Thanks > -Brian > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message