Date: Tue, 11 Jan 2000 21:12:15 -0500 (EST)
From: "Crist J. Clark" <cjc@cc942873-a.ewndsr1.nj.home.com>
To: evan@sutv.wgtn.com (Evan Brown)
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: ipfw and dns
Message-ID: <200001120212.VAA09241@cc942873-a.ewndsr1.nj.home.com>
In-Reply-To: <Pine.BSF.4.10.10001111522001.97541-100000@sutv.wgtn.com> from Evan Brown at "Jan 11, 2000 03:36:17 pm"

Evan Brown wrote,
> Hi, I am running a 3.4 machine with ipfw and natd set up..
> everything is working fine. The problem I am having is when I do a client
> setup for the firewall

I think what we have here is a big misunderstanding. Am I to take it
you are trying to run "client" firewalls on the machines behind this
IPFW-NAT box? The client firewall is meant to protect a machine that
is naked on the net. Running a client firewall inside of a firewalled
network might be a good idea if your outer firewall is Swiss cheese,
but in general, that outer one is there to allow the inner machines to
run naked on the local net.

> in rc.conf
> firewall_enable="YES"
> firewall_type="client"
>
> in rc.firewall I have
>
> (under the client area)
>
> net="192.168.0.0"
> mask="255.255.255.0"
> ip="209.172.xxx.xxx"

Huh? Your machine is not on its own local network?

> it shuts everything off, and the telnet connection I had established at
> the time I did sh rc.firewall was still up. So it meant the firewall was
> working
>
> the only problem is that the dns part they have in the sh.firewall doesn't
> seem to be working, and what do I need to do to get it to where the
> computer behind the firewall will only do ftp connections and nothing
> else, and the firewall doesn't allow anything connecting to the computer?

--
Crist J. Clark                           cjclark@home.com