From owner-freebsd-hackers Thu Jun 13 08:15:08 1996 Return-Path: owner-hackers Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id IAA00343 for hackers-outgoing; Thu, 13 Jun 1996 08:15:08 -0700 (PDT) Received: from localhost (call4.bsi.com.br [200.250.250.65]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id IAA00328 for ; Thu, 13 Jun 1996 08:15:01 -0700 (PDT) Received: (from lenzi@localhost) by localhost (8.6.12/8.6.12) id JAA05193; Thu, 13 Jun 1996 09:02:50 GMT Date: Thu, 13 Jun 1996 09:02:49 +0000 () From: "Lenzi, Sergio" X-Sender: lenzi@localhost To: didier@omnix.fr.org cc: hackers@FreeBSD.org Subject: Re: firewall (ipfw) In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-hackers@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk On Mon, 10 Jun 1996 didier@omnix.fr.org wrote: > > > The company I'm working for plan to install a permanent acces to internet > through an analogic leased line and two 32kb modems. > > to protect our application in plan to install the firewall builtin FreeBSD > > > I've never used ipfw and I dont have any experience with firewalls. > > > could you tell me how I could set up this machine > > > thanks for your help > OK, Didier. setup the firewall code by including the options IPFIREWALL.... this options is in lines 199-201 of the LINT sample file in the directory: /usr/src/sys/i386/conf. configure the kernel config -n ... go to the directory for compilation, remove ip*.o, do a make all install. after that. read the man pages for command ipfw. ex: ipfw addf deny all to any via ed0 -> deny all ip that is routed to your net via the ed0 network card. ipfw addf accept all to any 80 via ed0 -> accept only web trafic (port 80) to your network. and so on...... Try playing around with it... it is easy... by