From owner-freebsd-questions  Sun Sep 16 10:36:50 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from lists.blarg.net (lists.blarg.net [206.124.128.17])
	by hub.freebsd.org (Postfix) with ESMTP id 3117837B408
	for <freebsd-questions@FreeBSD.ORG>; Sun, 16 Sep 2001 10:36:46 -0700 (PDT)
Received: from thig.blarg.net (thig.blarg.net [206.124.128.18])
	by lists.blarg.net (Postfix) with ESMTP
	id CA56BBCFE; Sun, 16 Sep 2001 10:36:45 -0700 (PDT)
Received: from localhost.localdomain ([206.124.139.115])
	by thig.blarg.net (8.9.3/8.9.3) with ESMTP id KAA19780;
	Sun, 16 Sep 2001 10:36:45 -0700
Received: (from jojo@localhost)
	by localhost.localdomain (8.11.3/8.11.3) id f8GHaPS45656;
	Sun, 16 Sep 2001 10:36:25 -0700 (PDT)
	(envelope-from swear@blarg.net)
To: ann kok <annkok2001@yahoo.com>
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: firewall
References: <20010916133953.47487.qmail@web20106.mail.yahoo.com>
From: swear@blarg.net (Gary W. Swearingen)
Date: 16 Sep 2001 10:36:25 -0700
In-Reply-To: <20010916133953.47487.qmail@web20106.mail.yahoo.com>
Message-ID: <p7elp76ns6.lp7@localhost.localdomain>
Lines: 24
User-Agent: Gnus/5.0808 (Gnus v5.8.8) XEmacs/21.1 (Cuyahoga Valley)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

ann kok <annkok2001@yahoo.com> writes:

> Can a freebsd box be function as firewall 'ipfilter' 
> and as routing from cable modem together?

Sure; and with the standard 'ipfirewall/ipfw' as well.

And if you want to risk the reduced security, you can dispense with
a separate firewall/router box and do it all in a box which does 
other things -- serving, printing, workstation, etc.

> If it can, is there any security issues?

Isn't/Aren't there always?  There are several related articles at
FreeBSD-related web sites and some good stuff in the Handbook and
ipf/ipfw man pages and also in a intro man page named "firewall".
Mailing list and newsgroup archives (eg groups.google.com) can also be
very helpful, especially on firewall rules for specific applications
which tend to be omitted from most (but not all) articles and intros.

You should also find very helpful the book "Building Linux and OpenBSD
Firewalls" (pub: Wiley) which carries over to well to FreeBSD as long as
you use "ipfilter" (and is still quite informative of "theory" for
"ipfw" users).

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message