Date: Tue, 7 Mar 2000 23:00:57 +0000 From: Ben H <bens_lists@mailandnews.com> To: freebsd-security@freebsd.org Subject: Using IPFILTER Message-ID: <20000307230057.A1357@lust.poo.pants>
next in thread | raw e-mail | index | archive | help
Hello all,
i (like im sure many) would like to use IPFILTER (ipf, ipnat) instead
of/aswell as IPFIREWALL (ipf, natd). and i cant get it working.
my KERNEL (well some of it) looks like:
options IPFIREWALL #firewall
options IPFIREWALL_VERBOSE #print information about stuff
options IPFIREWALL_FORWARD #enable transparent proxy support
options IPDIVERT #divert sockets
options IPFILTER #kernel ipfilter support
options IPFILTER_LOG #ipfilter logging
options IPSTEALTH #support for stealth forwarding
options TCP_DROP_SYNFIN #drop TCP packets with SYN+FIN
options TCP_RESTRICT_RST #restrict emission of TCP RST
options "ICMP_BANDLIM" #Limit icmp bandywitdh
ive tried removing IPFIREWALL but it complains about lack of ip services (i
cant remember as i havent tried for a while due to non wanting downtime)
i have all the required programs and sources, i even tried using the
ipf-fil3.x.x.tar.gz but to no avail.
so could someone who is more compentant spare the time to tell me what i
need where to get it going. the rules and things im okay mainly due to
OpenBSD experince...
tankoo
PS i hope/think this is the correct list..
--
Ben, <Bro_evil(at)innocent(dot)com>
"Doing the wrong thing for the right reasons is better than doing
the right thing for the wrong reasons"
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000307230057.A1357>