From owner-freebsd-newbies@FreeBSD.ORG Sun Aug 31 12:22:15 2003 Return-Path: Delivered-To: freebsd-newbies@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DB14516A4C1 for ; Sun, 31 Aug 2003 12:22:15 -0700 (PDT) Received: from mail.bgeek.com (h-66-166-37-77.CHCGILGM.covad.net [66.166.37.77]) by mx1.FreeBSD.org (Postfix) with ESMTP id 137A243F93 for ; Sun, 31 Aug 2003 12:22:14 -0700 (PDT) (envelope-from steve@bgeek.com) Received: from CindyXP [66.166.37.78] by mail.bgeek.com with ESMTP (SMTPD32-7.15) id AA1337A0146; Sun, 31 Aug 2003 15:18:43 -0400 Message-ID: <002201c36ff5$306630a0$1500a8c0@mcsebound.com> From: "Steve Schofield" To: References: <20030830190107.0A39816A4DD@hub.freebsd.org> <002001c36fee$246fc470$05191eac@tvwebmaster2> Date: Sun, 31 Aug 2003 15:22:16 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.3790.0 X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2800.1050 Subject: Re: iptables X-BeenThere: freebsd-newbies@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Gathering place for new users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 31 Aug 2003 19:22:16 -0000 i use ipfilter as a loadable module in the /etc/rc.conf. Its loaded on boot. For better perf, its good to compile into the KERNEL but heck it works so i'm happy with the way it is. Do a google search on IPFILTER or IPFW (IPFW is built in I think) to get more info. //Put this in your /etc/rc.conf ipfilter_enable="YES" ipfilter_program="/sbin/ipf -Fa -f" ipfilter_rules="/etc/ipf.conf" ipfilter_flags="-Ds" ipmon_enable="YES" ipmon_flags="-Dn /var/log/firewall_logs" create a file called ipf.conf in the /etc/ directory here are some sample rules I use. to refresh a rule w/o rebooting type in ipf -Fa -f /etc/ipf.conf pass in quick on xl0 proto tcp from any to any port = 25 keep state pass in quick on xl0 proto tcp from any to any port = 110 keep state pass in quick on xl0 proto tcp from any to any port = 143 keep state pass out quick proto tcp all keep state block in log quick on xl0 proto tcp from any to any ----- Original Message ----- From: "Taulant Galimuna" To: Sent: Sunday, August 31, 2003 2:31 PM Subject: iptables > Hi! > I just wanted to know if ther's any "firewall" like iptables and ipchains > (linux) on FreeBSD ?? > > regards, > Taulant > > _______________________________________________ > freebsd-newbies@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-newbies > To unsubscribe, send any mail to "freebsd-newbies-unsubscribe@freebsd.org" >