Date: Sun, 20 May 2001 04:23:37 -0500 (CDT) From: Nick Rogness <nick@rogness.net> To: "Orville R. Weyrich.Jr" <orville@weyrich.com> Cc: "Freebsd Net (E-mail)" <freebsd-net@FreeBSD.ORG> Subject: Re: Restricting traffic on one interface Message-ID: <Pine.BSF.4.21.0105200420270.65985-100000@cody.jharris.com> In-Reply-To: <Pine.LNX.4.10.10105192301190.3361-100000@dopey.weyrich.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 19 May 2001, Orville R. Weyrich.Jr wrote: > I have a dual homed FreeBSD-4.3 machine and want to restrict traffic > on one interface but not the other (one interface is to a trusted > network and the other is not). > > What I want is the untrusted interface to only present SMTP and HTTP > ports, while the trusted interface presents telnet, ftp, NFS, SMB, > etc. > > What is the best way to do this? The machine does NOT have IP > forwarding enabled. Run a firewall to block traffic on that interface. You can search the archives or the web for more information. See also ipfw man page. Of course, there are other ways to do this, but firewalling is probably best suited for this task. Nick Rogness <nick@rogness.net> - Keep on Routing in a Free World... "FreeBSD: The Power to Serve!" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0105200420270.65985-100000>