Date: Sun, 17 May 1998 20:49:46 -0600 (MDT) From: Atipa <freebsd@atipa.com> To: Terry Lambert <tlambert@primenet.com> Cc: Capriotti <capriotti@geocities.com>, hackers@FreeBSD.ORG Subject: Re: DHCP Message-ID: <Pine.BSF.3.96.980517204405.1796B-100000@altrox.atipa.com> In-Reply-To: <199805172046.NAA29488@usr05.primenet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> By default, you will want to disable all ports (ports map to services), > and enable ports on a case-by-case basis, per machine. This will need to be done afer DHCP is loaded, or else you'll never get off the ground. rc.firewall I would think would need to allow lo0 packets and anything from the DHCP server, then after getting your addresses and such, build another firewall script dynamically that is more stringent. > The above all presumes, of course, that you are running the DHCP server > on the FreeBSD box, and NOT on the NT box. If you need to run the DHCP > server on the NT box, then you will be forced to buy a third party > firewall package from someone who has probably paid a *LOT* of money > to license NT source code, and wants to make that money back. Given > NT source license fees, I'd expect the price to be in the tens of > thousands of dollars. > Note: there is Samba code that allows a FreeBSD box to act as an NT > domain controller, so if the reason you have to use NT is because of > domain controller services, then you don't have to use NT like you > thought you did. This is still BETA at best, and not very useful for a production environment. Still, it is a great first step. Once it is fully functional, adminning these crap-o `95 machines will be MUCH nicer! Kevin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980517204405.1796B-100000>