Date:      Sun, 25 Jan 2004 16:59:51 +0200
From:      "Pons" <pons@gmx.li>
To:        <freebsd-questions@freebsd.org>
Subject:   IPFW
Message-ID:  <024201c3e353$e3ac0c80$0503050a@sdc.com.jo>
References:  <20040125144542.15702.qmail@web13905.mail.yahoo.com>



I have configured a FreeBSD 5.1 rel box with 2 NICs (Ext.ip/Int.ip)
with ipfw/natd/squid. The setup is working, but still _FLAT_;
that means I am using the default IPFW configuration:

firewall_type="open"

I want to give more security to my internal network by
stopping/limiting unnecessary traffic in/out,
so I need help implementing the following set of ipfw rules:

1- Permit only clients in 10.5.0.0/16 to send/recv via the box
2- Block MSN Messenger / Yahoo Messenger / ICQ / Kazaa
3- Block in/out ICMP ping / traceroute
4- Permit DNS / HTTP(S) / FTP / SMTP / Telnet / SSH / POP3
5- What should I include in /etc/sysctl.conf against DoS attacks, spoofing, etc.?
6- What about the kernel_level, in which mode should I run the kernel?
7- Which other services should I disable?
8- Allow me (my IP) to manage the box by accessing it via ssh only

Any input would be really appreciated.
Thanks



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?024201c3e353$e3ac0c80$0503050a>