Date: Wed, 5 Jul 2000 13:58:40 -0700 (PDT)
From: Daryl Chance <chancedj@yahoo.com>
To: openzero@bsdmail.com, freebsd-security@FreeBSD.ORG
Subject: Re: Firewalls and the endless story!
Message-ID: <20000705205840.10936.qmail@web3201.mail.yahoo.com>

*DOH* sorry....totally missed the part where you already
had the firewall rules. My bad.

I found this, it might help out.

http://www.freebsd.org/tutorials/dialup-firewall/index.html

--- openzero@bsdmail.com wrote:
> Hm!
> After posting, for some help with my sucky fireball
> I upgraded from FreeBSD-2.2.8-RELEASE to FreeBSD-3.4-RELEASE
> + SecureBSD1.0, in hope it will work now.
>
> But nothing happens! The firewall doesn't work
> and FreeBSD-3.4 (and 4.0) is a boring unstable
> system!
>
> So, I downloaded via cvsup the FreeBSD-2.2.8-STABLE!
> It really rulez!
>
> But the firewall problem still exists, and with this
> configuration I can't surf the web either! ;)
>
> Hm! Please, I need help! It's very important!
>
> For those of you who want to help me, here is some information
> on what the firewall has to do!
>
> 1. I'm running an anonymous FTP server
> 2. I need to browse the web
> 3. Sendmail could be enabled (not needed!)
>
> Here is my actual configuration, which still suckz!
> At the moment, I can only browse via:
> # ipfw -f flush!
>
> --- CUT HERE ---
> fwcmd="/sbin/ipfw"
>
> $fwcmd -f flush
>
> $fwcmd add allow ip from any to any via lo0
> $fwcmd add deny log ip from any to 127.0.0.1/8
> $fwcmd add allow ip from any to any via rl0
>
> $fwcmd add divert 8668 all from any to any via tun0
>
> $fwcmd add allow tcp from any to any out xmit tun0 setup
> $fwcmd add allow tcp from any to any via tun0 established
>
> $fwcmd add allow log tcp from any to any 21 setup
> $fwcmd add allow log tcp from any 20 to any setup # really needed ?????
>
> $fwcmd add reset log tcp from any to any 113 in recv tun0
>
> $fwcmd add allow udp from any to 194.25.2.129 53 out xmit tun0
> $fwcmd add allow udp from 194.25.2.129 53 to any in recv tun0
>
> $fwcmd add deny log icmp from any to any
>
> $fwcmd add deny log ip from any to any
> -- CUT HERE ---
>
> My kernel:
> DEFAULT_TO_ACCEPT
> VERBOSE_LIMIT=10
>
> rc.conf:
> natd_enable="YES"
> natd_device="tun0"
> natd_flags="-dynamic"
>
>
> Please, need help!
>
>
>
> Thanx.... Daniel Ridder
>
> (It's an SOS! I need this wall as fast as I can get it!
> For later times, is there a book to get most out
> of BSD firewalls????)
> --
> Get your free email from http://www.bsdmail.com
>
> Powered by Outblaze
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of
> the message
>

=====
Daryl Chance
Programmer
Belial of -E-

A programmer is someone who solves a problem you didn't know
you had in a way you don't understand. - ?????