From owner-freebsd-security Mon Nov 12 5:52:15 2001
Delivered-To: freebsd-security@freebsd.org
Received: from smtp-server6.tampabay.rr.com (smtp-server6.tampabay.rr.com [65.32.1.43]) by hub.freebsd.org (Postfix) with ESMTP id B66F937B417 for ; Mon, 12 Nov 2001 05:52:05 -0800 (PST)
Received: from ezri (24129137hfc158.tampabay.rr.com [24.129.137.158]) by smtp-server6.tampabay.rr.com (8.11.2/8.11.2) with ESMTP id fACDq1S17531 for ; Mon, 12 Nov 2001 08:52:01 -0500 (EST)
From: "Wade Majors"
Subject: RE: Filtering packets based on incoming address
Date: Mon, 12 Nov 2001 08:51:33 -0500
Message-ID: <000601c16b81$26a957b0$9700a8c0@ezri>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

> >In the few days I've had them in; it hasn't caught anything,
> >
> How do you determine this? You don't specify "log" for the rules.

`ipfw show` shows 0-0 for both rules.

> For my own network (behind a single static routable IP address), I check
> for & block quite a bit more, both before & after NAT. I used the
> "simple" /etc/rc.firewall as a starting-point, and augmented it
> considerably -- especially when I deployed a second, untrusted, net that
> is also behind my firewall (for the wireless access).

I am doing per-port blocking/allowing after the natd rule, which seems to be working okay for me.

-Wade

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
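An added example, not from the thread or from any poster: a POSIX shell snippet that runs the three checks discussed above over a constructed `ipfw show` listing, reporting rules whose counters are still zero, deny rules that carry no `log` keyword, and whether each deny rule sits before or after the natd divert rule. The rule set, counters, interface `fxp0` and divert port 8668 are all assumed sample values.

```shell
# Constructed sample of `ipfw show` output (rule number, packets, bytes,
# rule body). Made up for this example, not captured from a real host.
IPFW_SHOW_SAMPLE='00100 1532 210433 allow ip from any to any via lo0
00200 0 0 deny ip from any to 127.0.0.0/8
00300 0 0 deny ip from 127.0.0.0/8 to any
00400 48210 6120033 divert 8668 ip from any to any via fxp0
00500 0 0 deny ip from 10.0.0.0/8 to any in via fxp0
00600 0 0 deny log ip from 192.168.0.0/16 to any in via fxp0
00700 3 180 allow tcp from any to me 22 in via fxp0 setup
65535 12 960 deny ip from any to any'

# Rules whose packet counter is still zero have never matched, so they
# cannot have "caught" anything yet; this is what the 0-0 in the thread
# means. Takes the listing as $1, prints one rule number per line.
zero_hit_rules() {
    printf '%s\n' "$1" | awk '$2 == 0 { print $1 }'
}

# Deny rules without the "log" keyword leave no trace in the security
# log, so the `ipfw show` counters are the only evidence they ever fired.
unlogged_deny_rules() {
    printf '%s\n' "$1" | awk '$4 == "deny" && $5 != "log" { print $1 }'
}

# Classify each deny rule relative to the natd divert rule. Inbound
# packets reach the rules after the divert with their destination already
# rewritten to the private address, so a rule that must see the public
# address has to come before it (and the reverse for outbound sources).
deny_rules_by_nat_position() {
    printf '%s\n' "$1" | awk '
        $4 == "divert" { seen_divert = 1; next }
        $4 == "deny"   { print $1, (seen_divert ? "post-nat" : "pre-nat") }'
}
```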