DaemonForums  

Go Back   DaemonForums > FreeBSD > FreeBSD Security

FreeBSD Security Securing FreeBSD.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 30th May 2008
dctr dctr is offline
Port Guard
 
Join Date: May 2008
Posts: 30
Thanked 0 Times in 0 Posts
Default Firewall problem?

I decided I would mess around.. came to a quick guide and I figured because I have no experience with BSD I would follow what someone else had done and tweak to to my needs.

http://www.bsdguides.org/guides/free..._explained.php

I came across ^ and I didn't see anything that would mess with my net so I went ahead... but I can not connect to the internet with those settings. Any ideas?
Reply With Quote
  #2   (View Single Post)  
Old 30th May 2008
anomie's Avatar
anomie anomie is offline
Local
 
Join Date: Apr 2008
Location: Texas
Posts: 446
Thanked 69 Times in 46 Posts
Default

I haven't performed a thorough analysis of the rules in that guide, but one thing that quickly stands out is:
Code:
firewall_type="/etc/firewall.conf"
I believe that should be:
Code:
firewall_script="/etc/your_ruleset_file_here"
The FreeBSD Handbook has a section on IPFW: 28.6 IPFW

Be patient and read through that; you should be able to glean enough to put together a basic ruleset.
__________________
Kill your t.v.
Reply With Quote
  #3   (View Single Post)  
Old 31st May 2008
dctr dctr is offline
Port Guard
 
Join Date: May 2008
Posts: 30
Thanked 0 Times in 0 Posts
Default

Still not working, but I'll be reading that section shortly.
Reply With Quote
  #4   (View Single Post)  
Old 31st May 2008
dctr dctr is offline
Port Guard
 
Join Date: May 2008
Posts: 30
Thanked 0 Times in 0 Posts
Default

Read it, still don't get the problem
Reply With Quote
  #5   (View Single Post)  
Old 31st May 2008
exseven exseven is offline
New User
 
Join Date: May 2008
Posts: 1
Thanked 0 Times in 0 Posts
Default

can you post the contents (and filename) of your ruleset, as well as an ipconfig output?



firewall_enable="NO" # Set to YES to enable firewall functionality
firewall_script="/etc/rc.firewall" # Which script to run to set up the firewall
firewall_type="UNKNOWN" # Firewall type (see /etc/rc.firewall)
firewall_quiet="NO" # Set to YES to suppress rule display
firewall_logging="NO" # Set to YES to enable events logging
firewall_flags="" # Flags passed to ipfw when type is a file
Reply With Quote
  #6   (View Single Post)  
Old 14th June 2008
aleunix aleunix is offline
Real Name: Alessandro
Spam Deminer
 
Join Date: May 2008
Location: Italy
Posts: 224
Thanked 3 Times in 3 Posts
Default

Quote:
Originally Posted by anomie View Post

The FreeBSD Handbook has a section on IPFW: 28.6 IPFW
Yes it's good starting point.

To list all the rules:
# ipfw list

dctr in the article:
IPFW Firewall Explained
are used two network cards identified as xl0 and xl1.

You can identify your network card with a command:

#ifconfig

Naturally if you connect directly to the Internet through a router and you have only one network adapter is necessary to modify the example.

Note:
I use ipfw on opensolaris.

Certainly there is some difference but the substance does not change much.
Reply With Quote
  #7   (View Single Post)  
Old 17th June 2008
Eam404 Eam404 is offline
Port Guard
 
Join Date: May 2008
Posts: 21
Thanked 1 Time in 1 Post
Default

Granted IPFW is a fantastic firewall - Might I recommend a more syntax friendly firewall PF.

I am not trying to deter you from your IPFW, over the years I noticed a increasing amount of people switching (depends on needs), so you might want to take a gander.

Most will use IPFW w/ DummyNET for QoS -- The PF alternative, ALTq is good but not as polished as dummynet. Personally I'd still go with PF

Last edited by Eam404; 17th June 2008 at 08:50 PM.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
PF firewall bsdnewbie999 OpenBSD General 3 28th April 2009 12:35 PM
Simple Firewall with PF jones FreeBSD General 3 7th November 2008 02:02 AM
Firewall routing Magoo FreeBSD General 9 4th November 2008 04:39 PM
About Firewall for IPv6 berlowin FreeBSD Security 20 9th July 2008 01:24 AM
Web GUI for firewall ? giga FreeBSD General 6 8th May 2008 05:10 AM


All times are GMT. The time now is 07:23 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick