Date:      Tue, 23 Sep 1997 15:34:50 -0600 (MDT)
From:      Brandon Gillespie <brandon@roguetrader.com>
To:        freebsd-questions@freebsd.org
Subject:   Using 'ipfw' but still allowing access to the net devices..
Message-ID:  <Pine.BSF.3.96.970923153119.1744A-100000@roguetrader.com>

Just curious, how do I use 'ipfw' AND a routing daemon?  I need my
'firewall' to also talk some routing protocol (any protocol, RIP if need
be), but when I run routed or gated I get permission denied, because ipfw
isn't allowing it on the local machines.  If I add the rule:

    ipfw add 65000 pass all from any to any

And then start up the routing daemon (either routed or gated) it works
FINE, but that is really not a rule I want to keep around.  What rule
would I add to allow routed/gated to work, but still keep everything else
locked down?  At the very least, what rule could I add to allow
access from the devices to THAT MACHINE, rather than simply forwarding
them to another device--I can always disable all network services on the
machine (perhaps leaving sshd and that's it).

-Brandon Gillespie
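
A narrower alternative to the catch-all rule in the message above, as an added example that is not part of the original e-mail: it admits only RIP (UDP port 520, which routed speaks) and sshd on the firewall's own address. The interface name `ed0`, the address `192.0.2.1`, the rule numbers and the helper `rip_fw_rules` are assumptions made for illustration; other gated protocols are not covered.

```shell
#!/bin/sh
# Added example. Dry-run by default: the rules are printed, not installed.
# Run with IPFW=ipfw (as root) to install them.
IPFW="${IPFW:-echo ipfw}"

# rip_fw_rules IFACE ADDR   (hypothetical helper)
#   IFACE  interface facing the RIP neighbours (assumed name, e.g. ed0)
#   ADDR   this machine's own address on that interface (constructed sample)
rip_fw_rules() {
    if [ $# -ne 2 ] || [ -z "$1" ] || [ -z "$2" ]; then
        echo "usage: rip_fw_rules IFACE ADDR" >&2
        return 1
    fi
    iface="$1"
    addr="$2"

    # RIP updates use UDP port 520 as both source and destination port.
    # Matching on the port pair and the interface lets routed send and
    # receive updates without opening any other traffic.
    $IPFW add 1000 allow udp from any 520 to any 520 via "$iface"

    # Access to the firewall itself (not forwarded traffic): sshd only.
    $IPFW add 1100 allow tcp from any to "$addr" 22 in via "$iface"
    $IPFW add 1110 allow tcp from "$addr" 22 to any established out via "$iface"
}

# Print the rules for the sample interface and address.
rip_fw_rules ed0 192.0.2.1
```

Everything not matched by these rules still falls through to whatever deny rule the existing ruleset ends with.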



