Date: Wed, 22 Dec 2004 11:39:35 -0600 From: "Andras Kende" <andras@kende.com> To: "'Dott. Surricani'" <surricani@gmail.com>, <questions@FreeBSD.org> Subject: RE: problem with IPFILTER Message-ID: <20041222173933.A828C43D3F@mx1.FreeBSD.org> In-Reply-To: <4591fd91041222084112f01de8@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
-----Original Message----- From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of Dott. Surricani Sent: Wednesday, December 22, 2004 10:42 AM To: questions@FreeBSD.org Subject: problem with IPFILTER Hello everybody. I've succesfully set up an Inclusive Firewall for my small Lan, how explained in Chapter 24 of the Handbook, with IPFILTER and ipnat (Either with kld modules). I've included in rc.conf the lines neeeded and i've written custom ipf.rules and ipnat.rules... It's super, and work great, but I've got a problem/question: each time I restart the server the rules are cleared and It leave all packets enter and exit an I have to type in the shell ipf -Fa -f /etc/ipf.rules and ipnat -CF -f /etc/ipnat.rules It's very boring.... What I can do to automate this task? Thanks all very much!!!! _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" Hello /etc/rc.conf : #Enable routing packets between interfaces gateway_enable="YES" #Bring up the ipfilter software ipfilter_enable="YES" #Tell ipfilter where to get its rules ipfilter_rules="/etc/ipf.rules" #Enable ipnat ipnat_enable="YES" #Tell ipnat where to get its rules ipnat_rules="/etc/ipnat.rules" Best regards, Andras Kende http://www.kende.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041222173933.A828C43D3F>