From owner-freebsd-chat@FreeBSD.ORG Wed Mar 26 17:41:24 2008 Return-Path: Delivered-To: freebsd-chat@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CE34A1065674 for ; Wed, 26 Mar 2008 17:41:24 +0000 (UTC) (envelope-from mh@kernel32.de) Received: from crivens.kernel32.de (crivens.terrorteam.de [81.169.171.191]) by mx1.freebsd.org (Postfix) with ESMTP id 6920E8FC27 for ; Wed, 26 Mar 2008 17:41:23 +0000 (UTC) (envelope-from mh@kernel32.de) Received: from www.terrorteam.de (localhost [127.0.0.1]) by crivens.kernel32.de (Postfix) with ESMTP id 82B15B0290; Wed, 26 Mar 2008 18:41:22 +0100 (CET) MIME-Version: 1.0 Date: Wed, 26 Mar 2008 18:41:22 +0100 From: Marian Hettwer To: Passive PROFITS In-Reply-To: <952143.25012.qm@web35604.mail.mud.yahoo.com> References: <952143.25012.qm@web35604.mail.mud.yahoo.com> Message-ID: <9624c92ace117984b763b29f2c2bb3e5@localhost> X-Sender: mh@kernel32.de User-Agent: RoundCube Webmail/0.1-rc2 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 8bit Cc: freebsd-chat@freebsd.org Subject: Re: Newbie Question - about newbie user support X-BeenThere: freebsd-chat@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Non technical items related to the community List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Mar 2008 17:41:24 -0000 Hi there, On Wed, 26 Mar 2008 10:08:43 -0700 (PDT), Passive PROFITS wrote: > Hi there Marian! > > First off, I must point out that it's incredibly nice > to have met my first female (I assume correctly!?) on > a computer related list. Long rumoured about ... > Finally! Unlike the Yeti: actually spotted! LMAO > Sorry to burst that bubble, but Marian is actually a male name. German version of latin Marius. I know, it's a very uncommon name and yes, it happens from time to time that people think it's a female name. ;-) > > --- Marian Hettwer wrote: > >> Hi there, >> >> On Wed, 26 Mar 2008 09:19:55 -0700 (PDT), Passive >> PROFITS >> wrote: >> > >> > FWIW, I am only experienced with putting together >> > firewalls in Ubuntu using a GUI (Firestarter). I >> do >> > not seem to have come across problems using that >> combo >> > (IPtables? + Firestarter GUI). >> > >> I'm actually not aware wether there is a gui to plug >> together a firewall >> ruleset based on pf(4). >> That said, I suggest to use pf as the packet filter >> of choice. It's a great >> one. >> Get a first impression about pf(4) by reading the >> handbook >> > (http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-pf.html) >> or by reading man pfctl. >> As a newbie, you should start with the handbook :) > > OK, OK - I'm not averse to a handbook or two ;) And I > am not trying to short-circuit that route. I am on > handbook overload though, what with trying to get my > head around Linux, and now FreeBSD, too! I need to > slow down a little. I've wanted a Linux install for > like years, before Ubuntu came along, and now I've got > all those years lost, to catch up on ... Not all > tonight, I realise! ;) > I didn't even know that ubuntu has a handbook ;-) >> Obviously you should have an idea what a packet >> filter (buzzword is >> firewall) does. A good understanding on how tcp and >> networking works is >> preferred for a good configuration. > > I've got some very basic understanding (no technical > understanding) of your basic POST & GET, from doing a > very little webmastering some years ago. I also 'get' > the idea that different protocols have different > default ports through which they usually operate. > Past that though, I'm basically in need of going right > to the start, and not skipping anything!! I'm in this > long-term though, so won't be complaining. > As a starter, I'd say, take a look at the wikipedia.org article about tcp/ip. It's worth it. Cause if you don't know what you're doing, you won't find mistakes. No offense ment. It happened to me too. Just followed a howto and then, holy crap, it just doesn't work. And since I didn't know what I was typing, cause I just followed the howto, obviously I couldn't spot the mistake _in_ this howto. Lesson learned: Try to understand what you're doing :) >> Another way of just having a FreeBSD + pf based >> firewall would be using >> pfsense (http://www.pfsense.org/) which is in my >> understanding a FreeBSD >> live CD with a nice webfrontend to configure your >> router/firewall. > > Thanks for that, and the other recommendation from > another. I may find that I get one of these firewalls > 'out of the box' working, then install a 'proper' > install on another machine to play with/learn on, etc. Sounds like a good plan to me. best regards, Marian, still male, sorry 'bout that ;-)