Date:      Wed, 24 Jan 2001 10:46:31 -0500
From:      Pete Fritchman <petef@databits.net>
To:        John Telford <j.telford@sympatico.ca>
Cc:        freebsd-security@freebsd.org
Subject:   Re: IPFW modify the "simple" rule set 4.2 to allow ...
Message-ID:  <20010124104631.B4887@databits.net>
In-Reply-To: <000a01c08606$9041efe0$2823e540@johnny2k>; from j.telford@sympatico.ca on Wed, Jan 24, 2001 at 08:07:11AM -0500
References:  <000a01c08606$9041efe0$2823e540@johnny2k>

[ freebsd-net removed ]

++ 24/01/01 08:07 -0500 - John Telford:
>I'd like to get the settings in the right place so I'm asking the experts. FreeBSD 4.2 release with firewall type set to "simple".
>It works but I'd like to allow 2 things through.
>SSH connections from the public side to the firewall.

You'll need to modify /etc/rc.firewall.  Look through until you see something
like:

[Ss][Ii][Mm][Pp][Ll][Ee])
        ############
        # This is a prototype setup for a simple firewall.  Configure this
        # machine as a named server and ntp server, and point all the machines
        # on the inside at this machine for those services.
        ############

Scroll down and before the command that says "Reject&Log all setup of incoming
connections ...", add: 

	# Allow access to SSH
	${fwcmd} add pass tcp from any to ${oip} 22 setup

>Connections to a Web server on the inside.

I'm not quite sure what you mean - do you have a webserver on another port?
WWW is already allowed through in the simple firewall type.

>
>Thanks in advance. John.

-pete

--
Pete Fritchman <petef@databits.net>
Databits Network Services, Inc. <http://databits.net>
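
The placement advice in the reply above can be checked mechanically. The script below is an added example, not part of the original message and not taken from FreeBSD's rc.firewall: it reports whether an active SSH pass rule sits above the "Reject&Log all setup of incoming connections" comment. The function name, the sample excerpts and the deny rule inside them are constructed for illustration.

```sh
#!/bin/sh
# ipfw acts on the first rule that matches, and rules added without an
# explicit number are numbered in the order the script adds them, so the
# SSH pass rule has to appear above the Reject&Log block in the script.

# check_ssh_order (hypothetical helper): reads a ruleset script on stdin.
#   0 SSH pass rule precedes the Reject&Log comment   1 it comes after
#   2 no active SSH pass rule found                   3 comment not found
check_ssh_order() {
    awk '
        $1 ~ /^#/ {    # comment line: may be the marker, never a live rule
            if (!marker && index($0, "Reject&Log all setup of incoming"))
                marker = NR
            next
        }
        !ssh {         # add <pass|allow|accept|permit> tcp from any to X 22 setup
            for (i = 1; i + 8 <= NF; i++)
                if ($i == "add" && $(i+1) ~ /^(pass|allow|accept|permit)$/ &&
                    $(i+2) == "tcp" && $(i+3) == "from" && $(i+4) == "any" &&
                    $(i+5) == "to" && $(i+7) == "22" && $(i+8) == "setup") {
                    ssh = NR; break
                }
        }
        END {
            if (!ssh) exit 2
            if (!marker) exit 3
            if (ssh < marker) exit 0
            exit 1
        }'
}

# Constructed samples (not copied from a real rc.firewall); the deny rule
# is a stand-in for whatever follows the Reject&Log comment.
ssh_rule='	${fwcmd} add pass tcp from any to ${oip} 22 setup'
deny_blk='	# Reject&Log all setup of incoming connections
	${fwcmd} add deny log tcp from any to any in via ${oif} setup'
sample_good() { printf '%s\n' "$ssh_rule" "$deny_blk"; }
sample_bad()  { printf '%s\n' "$deny_blk" "$ssh_rule"; }

sample_good | check_ssh_order && echo "good order: SSH rule is above Reject&Log"
sample_bad  | check_ssh_order || echo "bad order: check_ssh_order returned $?"
```

Against a real file the call would be `check_ssh_order < /etc/rc.firewall`; a commented-out SSH rule is reported as missing (status 2), not as correctly placed.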


