Date: Sun, 12 Jun 2005 10:54:53 +0400 From: Dmitry Mityugov <dmitry.mityugov@gmail.com> To: Paul Dufresne <dufresnep@fastmail.fm> Cc: dk dkrules <dkrules7@hotmail.com>, "P.U.Kruppa" <root@pukruppa.de>, freebsd-questions@freebsd.org Subject: Re: Setting a simple firewall for PPPoE connection Message-ID: <b7052e1e050611235422a4c233@mail.gmail.com> In-Reply-To: <1118551395.29106.236171214@webmail.messagingengine.com> References: <BAY21-F20031309C5747F0945F69F8AFC0@phx.gbl> <20050609181128.G48525@www.pukruppa.net> <1118551395.29106.236171214@webmail.messagingengine.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 6/12/05, Paul Dufresne <dufresnep@fastmail.fm> wrote: >=20 > On Thu, 9 Jun 2005 18:22:45 +0200 (CEST), "P.U.Kruppa" > <root@pukruppa.de> said: > > On Thu, 9 Jun 2005, dk dkrules wrote: > > > > > I am very dissappointed. I have been looking on the net for 3 days no= w > > > looking for easy setup guides or How to guides and setting up FreeBSD= 5.x > > > with transparent proxy and firewall and there simply is no easy way > > > explaining to beginners how to do such a setup. > > 1) Before you start playing around with squid and firewall you > > have to make sure your FreeBSD box works as a gateway. > > 2) When this is done look into google for setup of squid as a > > transparent proxy (these are two or three entries in a config > > file). > > 3) enable firewall in /etc/rc.conf with lines like > > firewall_enable=3D"YES" > > firewall_script=3D"/etc/firewall.conf" > > 4) edit your /etc/firewall.conf with something like > > > > ipfw add 500 fwd 127.0.0.1 tcp from any to any 80 recv rl0 > > ipfw add 60000 allow all from any to any > > > > where rl0 is the device name of your NIC. > > 5) reboot ... > But the main question is: "How to deal with dynamic IP > address when writing firewall rules?" Hopefully you'll find this link helpful: http://www.defcon1.org/html/Networking_Articles/Firewall-Ipfw/firewall-ipfw= .html. --=20 Dmitry "We live less by imagination than despite it" - Rockwell Kent, "N by E"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?b7052e1e050611235422a4c233>