From owner-freebsd-questions Sun Oct 17 20: 0:52 1999 Delivered-To: freebsd-questions@freebsd.org Received: from sanson.reyes.somos.net (freyes.static.inch.com [207.240.212.43]) by hub.freebsd.org (Postfix) with ESMTP id 6116B14D49 for ; Sun, 17 Oct 1999 20:00:47 -0700 (PDT) (envelope-from fran@reyes.somos.net) Received: from tomasa (tomasa.reyes.somos.net [10.0.0.11]) by sanson.reyes.somos.net (8.9.3/8.9.3) with SMTP id WAA24874; Sun, 17 Oct 1999 22:58:13 -0400 (EDT) (envelope-from fran@reyes.somos.net) Message-Id: <199910180258.WAA24874@sanson.reyes.somos.net> From: "Francisco Reyes" To: "Ken Kyler" Cc: "FreeBSD questions" Date: Sun, 17 Oct 1999 22:57:10 -0400 Reply-To: "Francisco Reyes" X-Mailer: PMMail 98 Professional (2.01.1600) For Windows 98 (4.10.1998) MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Subject: RE: Firewalls for Morons Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sun, 17 Oct 1999 20:24:07 -0400, Ken Kyler wrote: >> Try with an "open" firewall. Then ad a rule from a shell >> ipfw add ## allow log from any to any >The answer was in the rc.conf >firewall_type="SIMPLE" >should have been >firewall_type="simple" Glad you got it to work. don't forget the deny log and allow log from any to any hints. The "simple" set of rules will bump you into lots of issues, specially if you have a "deny all from any to any" at the end. I don't particularly like the open firewall setting (i.e. allow anything which is not trapped by a rule) because this may lead to open holes which one may not be aware. Good luck! Now that you got that working is only the beginning... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message