Date: Mon, 12 Nov 2001 08:51:33 -0500
From: "Wade Majors" <wade@ezri.org>
To: <security@freebsd.org>
Subject: RE: Filtering packets based on incoming address
Message-ID: <000601c16b81$26a957b0$9700a8c0@ezri>

> >In the few days I've had them in; it hasn't caught anything,
>
> How do you determine this? You don't specify "log" for the rules.

`ipfw show` shows 0-0 for both rules

> For my own network (behind a single static routable IP address), I check
> for & block quite a bit more, both before & after NAT. I used the
> "simple" /etc/rc.firewall as a starting-point, and augmented it
> considerably -- especially when I deployed a second, untrusted, net that
> is also behind my firewall (for the wireless access).

I am doing per port blocking/allowing after the natd rule, which seems
to be working okay for me.

-Wade