From owner-freebsd-security Wed Nov 6 21:34:34 1996 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id VAA29514 for security-outgoing; Wed, 6 Nov 1996 21:34:34 -0800 (PST) Received: from panda.hilink.com.au (panda.hilink.com.au [203.2.144.5]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id VAA29491 for ; Wed, 6 Nov 1996 21:34:14 -0800 (PST) Received: (from danny@localhost) by panda.hilink.com.au (8.7.6/8.7.3) id QAA08069; Thu, 7 Nov 1996 16:33:12 +1100 (EST) Date: Thu, 7 Nov 1996 16:33:10 +1100 (EST) From: "Daniel O'Callaghan" To: Jerry Kelley cc: freebsd-security@freebsd.org Subject: Re: Anyone have info on IP Filter build & install for FreeBSD? In-Reply-To: <32816280.41C67EA6@iquest.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk On Wed, 6 Nov 1996, Jerry Kelley wrote: > I'm looking at the IP Filter program and am wondering if anyone has got > it up and running with FreeBSD. If so, I'd like just a few brief hints > on the instructions from the INSTALL.xBSD file that comes with it. Are > there any changes to this info for FreeBSD or can I just follow the > info in there "as-is" without modification? Use it as-is, except that with 2.1.5 you need to adjust the patched /sys/netinet/ip_input.c so that the ipfw hook comes *after* the ipfilter hook instead of before. If you don't do that, NAT does not work. I've been meaning to point this out to Darren. > Is there anywhere I can get more info on IP Filter? Are there any web > pages that have some links to docs or any other info that might be of > use? http://coombs.anu.edu.au/~avalon/ Are you looking to use the filter part or the NAT part? Danny