Date: Fri, 6 May 2005 14:01:26 +0400 From: =?Windows-1251?B?yOLg7e7iIMjr/P8=?= <peanky@mail.ru> To: questions@FreeBSD.org Subject: IPFW: 24.6.5.7 An Example NAT and Stateful Ruleset Message-ID: <843429403.20050506140126@mail.ru>
next in thread | raw e-mail | index | archive | help
Hallo! I read article (http://freebsd.vinf.ru/doc/en/books/handbook/firewalls-ipfw.html) and use your example from "An Example NAT and Stateful Ruleset" part. So, when I use this script for ipfw, I can't be able to use internet, but if I disable the rules 400, 450 I can use internet. I use FreeBSD 4.10, nat, ipfw, squid. # Reject & Log all unauthorized incoming connections from the public Internet $cmd 400 deny log all from any to any in via $pif # Reject & Log all unauthorized out going connections to the public Internet $cmd 450 deny log all from any to any out via $pif My question is: can I use this script for ipfw without rules 400 and 450 or it is a potential threat of security of my system? May be we can put me a link to any article about this? With a best regards, Ivanov Ilya.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?843429403.20050506140126>