Date: Tue, 20 Oct 1998 16:10:45 +1300
From: "Dan Langille" <junkmale@xtra.co.nz>
To: "Matt Prigge" <prigge@bucknell.edu>
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: Help! Natd & ipfw
Message-ID: <199810200310.QAA20083@cyclops.xtra.co.nz>
In-Reply-To: <070701bdfbce$1848c960$28735286@prigge.resnet.bucknell.edu>

On 19 Oct 98, at 22:05, Matt Prigge wrote:

> Hi everyone! I am trying to set up a firewall on FreeBSD 2.2.7 using natd
> and ipfw. I have been using the "OPEN" setting successfully for quite a
> while, but due to the increasing importance of security in this
> application am trying to tighten things down a bit. I made up this
> rc.firewall using bits and pieces of the SIMPLE rc.firewall that is
> provided with ipfw. The problem is that when the server tries to respond
> to a TCP setup packet for any type of connection (ssh, popmail, and telnet
> in this case) it responds with a "natd: failed to write packet back
> (Permission denied)" error to the console. I have all of the kernel
> options that are required installed and working, so that is not the
> problem. I have attached a copy of my rc.firewall and a snippet of the
> /var/log/messages log that shows the sort of thing that I'm talking about.
> I hope someone can help as this is getting more frustrating the more I
> work with it. Mailing me directly is fine. Thanks!

You and I are in the same boat. The simple firewall, by default,
denies everything (more or less). It's up to you to enable the
things you want.

See http://www.freebsddiary.com/freebsd/firewall.htm for details on
my progress and the other thread titled "ipfw and natd confusion".

--
Dan Langille
DVL Software Limited
The FreeBSD Diary - my [mis]adventures
http://www.FreeBSDDiary.com