RE: Firewall rules for local lan

• Previous message: Nico Meijer: "Re: Rack-Mount Server cases"
• In reply to: Gaspar Kiraly: "Firewall rules for local lan"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

To: "Gaspar Kiraly" <gaspar.kiraly@iprimus.com>, <freebsd-questions@freebsd.org>
Date: Sun, 11 Jul 2004 10:30:18 -0400

Here is a rewrite of the FreeBSD handbook firewall section with
examples that will answer all your questions.

www.a1poweruser.com/FBSD_firewall/

-----Original Message-----
From: owner-freebsd-questions@freebsd.org
[mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Gaspar
Kiraly
Sent: Sunday, July 11, 2004 8:52 AM
To: freebsd-questions@freebsd.org
Subject: Firewall rules for local lan

Hello,

I have a quick question for you:

I am in the process of setting up ipfw for my server and a small LAN
of two pcs.
The FreeBSD server is used as an internet gateway with a dial up
connection (ppp -auto -alias demand).
My network connection is working fine, however I am getting more and
more junk mail lately.
It looks like some sites are sniffing out my e-mail address, my pc
configs, etc.
Hence, I'd like to setup a firewall.
I found many good examples, however they deal with a one pc
(FreeBSD) one network card setup.
For ex: do I need to add "divert" and "bridge" to the Kernel config
file? How do I set up different rules for for each nic?
I'd like to be able to access the FreeBSD server from my local LAN
w/o any restrictions but I do not want the internet sites to do the
same with my server and LAN. Would you have an example setup for
this scenario? The FreeBSD server is also setup to provide address
resolution for the internet.

I'd appreciate any help.

Gaspar
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"freebsd-questions-unsubscribe@freebsd.org"

_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"

• Previous message: Nico Meijer: "Re: Rack-Mount Server cases"
• In reply to: Gaspar Kiraly: "Firewall rules for local lan"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages Re: solaris ... >> router while I attempted to explain the router was ... >> of handling a CLI OS like FreeBSD? ... that these individuals would not be the target market ... > despite the fact that it should include a firewall. ... (freebsd-questions) Re: Wanting To Try FreeBSD: Security Question. ... How hard is it to secure FreeBSD for a desktop computer? ... The relatively minimal pf.conf file for the firewall I run on my laptop, ... A firewall is not the end of all your security needs. ... (comp.unix.bsd.freebsd.misc) Re: RX (download) limit problem ... > I've been seeing a strange problem with my 5.4-STABLE freebsd ... > behind it or the firewall itself) can get a decent rate. ... > In talking to some openBSD guys we had a theory that it might be something ... > the upload and download being kept symmetric and hence so low on the ... (freebsd-current) Re: Which intrusion detection to use? ... > I have a FreeBSD box at home which I primairily use for internet access. ... a host-based IDS is AIDE, ... > understand what the added benefit it over a tightly configured firewall. ... all unused ports to the world there will be no use in PortSentry since the ... (FreeBSD-Security) The way forward..... ... FreeBSD I would want to pursue a firewall that is based solely on stateful ... with IPFilter the stateful alternative" ... (FreeBSD-Security)