Re: Firewalls and Webmin
From: Kevin Kinsey (kdk_at_daleco.biz)
Date: Wed, 16 Feb 2005 18:13:52 -0600 To: Alex D'Elia <email@example.com>
Alex D'Elia wrote:
>* SigmaX <firstname.lastname@example.org> [050217 17:45]:
>>I have FreeBSD 5.3 and need to set up the firewall. I've never done
>>anything with Firewall on a *NIX system without the help of Webmin, and
>>I'm new to BSD in general. Webmin gives me an error when trying to use
>>the BSD Firewall module.
>>I tried doing "ipfw sh" to see what was up, and I get "ipfw:
>>getsockopt(IP_FW_GET): Protocol not available"
>>I found a post from a while back that said I need to recompile my
>>kernel. I can't imagine that that's the case for a firewall in
>>general. I need a firewall... if I can't use Webmin (read: ipfw) I'm
>>gonna need a REALLY good howto :-P. Any help?
>first of all I say ( as someone else will do ) that you should post
>technical questions to freebsd-questions because this is a list of
>discussion about FreeBSD and not about technical problems.
>But I can tell you that if you follow the instructions of the
>handbook, you will for sure have enough informations to get you going.
>The handbook its a really good documentation, not only for FreeBSD
>but for a lot more ;^)
Yes, and it should have been consulted prior to this posting. I
don't mean to directly offend, but you have made at least one
mistake in your advice. Likely I will, too; and, SigmaX, this is
why your question is on the wrong forum.
>And Yes, you need to recompile the kernel if you want to use your
>system for a firewalling purpose.
Not if he's using 5.3 and doesn't want NAT. From the Handbook:
"IPFW is included in the basic FreeBSD install as a separate run time
loadable module. IPFW will dynamically load the kernel module when
the rc.conf statement firewall_enable="YES" is used. You do not need
to compile IPFW into the FreeBSD kernel unless you want NAT function
>But that's not an hack ..... its preety easy.
>I personally find it easyer than in linux ( with all respects ),
It's easy once you've done it a few times. My first time was
rather frightening, personally, but only because *I* was freaked
out ... the system performed admirably. And, then you need
>I already used ipfw in FreeBSD-4.X and ipf and pf with OpenBSD.
>Now that the new STABLE BRANCH 5.3 its including the pf firewall
>from OpenBSD, I use that, 'cause I find it really powerfull and yet
>nice to configure.
>just take a look at the handbook, and you'll find a lot of answers
>to your questions.
>You find the documentation also on your system: /usr/share/doc/en/books
>for english language documentation :)
Good advice there too.
email@example.com mailing list
To unsubscribe, send any mail to "firstname.lastname@example.org"