Date:      Sun, 21 Mar 1999 09:45:27 +0100 (CET)
From:      Jeroen Ruigrok/Asmodai <asmodai@wxs.nl>
To:        George Vagner <kf7nn1@cybertrails.com>
Cc:        questions@freebsd.org
Subject:   RE: firewall
Message-ID:  <XFMail.990321094527.asmodai@wxs.nl>
In-Reply-To: <36F40A99.379901D0@cybertrails.com>

On 20-Mar-99 George Vagner wrote:
> I compiled in firewall support but never "decoded"
> a firewall ruleset and don't understand the language.

Well, if yer going to be the primary admin for it I suggest to get yer bum
to read up on firewalls and rulesets. This is one field in which ignorance
will get yer ass wh00ped.

> what I need is a basic firewall ruleset that allows this
> 
> gatewaying from inside net to outside net.

Which will be NATed.

> www on port 80

Logically.

> ftp in/out
> telnet in/out
> smtp in/out
> pop3 in/out
> ssh in/out

Ye want telnet _and_ ssh? Is this to the firewall box itself? Or to hosts
within the intranet? If it's to the firewall then I'll say forget about the
telnet allowance (it uses plaintext passwords) and only allow SSH.

Ye can find the port numbers for the above protocols in /etc/services.

I could write a ruleset, but that won't teach you anything and since I'm
not the admin of yer site I can only suggest once more to learn about this
stuff.

> also what file do I edit for this?

/etc/ipfw.script is a common name for it.

---
Jeroen Ruigrok van der Werven     <http://www.freebsdzine.org>
asmodai(at)wxs.nl        The idea does not replace the work...
Network/Security Specialist      <http://home.wxs.nl/~asmodai>
*BSD: Powered by Knowledge & Know-how <http://www.freebsd.org>
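
An added example, not part of the original message and not the author's ruleset: an /etc/ipfw.script for the requirements quoted above that follows the advice to refuse telnet to the firewall and allow only SSH. Assumptions: the interface names ed0/ed1, the inside network 192.168.1.0/24, natd already running, and inbound services terminating on the firewall box itself; by default it only prints the ipfw commands.

```sh
#!/bin/sh
# Added example (not from the original message). Dry run by default:
# prints the ipfw commands; run with IPFW=/sbin/ipfw to load them.
IPFW="${IPFW:-echo ipfw}"
oif=ed0                 # outside interface (assumed name)
iif=ed1                 # inside interface (assumed name)
inet=192.168.1.0/24     # inside network (assumed)

# Port numbers as listed in /etc/services.
port_of() {
    case "$1" in
        ftp) echo 21 ;; ssh) echo 22 ;; telnet) echo 23 ;;
        smtp) echo 25 ;; http|www) echo 80 ;; pop3) echo 110 ;;
        *) return 1 ;;
    esac
}

# ruleset SERVICE...: services accepted from outside on the firewall itself.
ruleset() {
    n=100
    add() { $IPFW -q add "$n" "$@"; n=$((n + 100)); }
    for s in "$@"; do   # validate everything before emitting any rule
        [ "$s" != telnet ] || { echo "telnet sends plaintext passwords; use ssh" >&2; return 1; }
        port_of "$s" >/dev/null || { echo "unknown service: $s" >&2; return 1; }
    done
    $IPFW -q -f flush
    add allow all from any to any via lo0
    add deny all from "$inet" to any in via "$oif"     # spoofed inside addresses
    add divert natd all from any to any via "$oif"     # NAT for the inside net
    add allow tcp from any to any established
    add allow all from any to any via "$iif"           # inside net is trusted
    # Control ports only; inbound passive-mode FTP data needs extra ports.
    for s in "$@"; do
        add allow tcp from any to me "$(port_of "$s")" in via "$oif" setup
    done
    # Outbound sessions (www, ftp, telnet, smtp, pop3, ssh) from firewall and NATed hosts.
    add allow tcp from any to any out via "$oif" setup
    add allow udp from any to any 53 out via "$oif"    # DNS queries
    add allow udp from any 53 to any in via "$oif"     # DNS replies
    add deny log all from any to any                   # default deny
}

ruleset ftp ssh smtp pop3 http
```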

