From owner-freebsd-questions Mon Mar 11 7:37:12 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mail1.handelsbanken.se (mail1.handelsbanken.se [195.100.68.36]) by hub.freebsd.org (Postfix) with ESMTP id 00DCC37B404 for ; Mon, 11 Mar 2002 07:37:06 -0800 (PST) Received: by mail1.handelsbanken.se with ESMTP id QAA21815; Mon, 11 Mar 2002 16:37:01 +0100 (MET) Received: by mail3.handelsbanken.se with ESMTP id QAA00716; Mon, 11 Mar 2002 16:37:01 +0100 (MET) Subject: Re: IPFW question! To: Server Admin Cc: questions@FreeBSD.ORG X-Mailer: Lotus Notes Release 5.0.6a January 17, 2001 Message-ID: From: "Peter =?iso-8859-1?Q?Lepp=E4nen?=" Date: Mon, 11 Mar 2002 16:34:22 +0100 X-MIMETrack: Serialize by Router on STHHUB02/Stockholm/SHB(Release 5.0.6a |January 17, 2001) at 2002-03-11 16:34:23 MIME-Version: 1.0 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: quoted-printable Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Yes I understand that I have to modify the file if I like to have addit= ional services like ssh and ftp and so on. But the standard rc.firewall script, simple type should give me access = to DNS and HTTP. Is this not correct? /Peter = =20 Server Admin = =20 To: "Peter Lep= p=E4nen" , =20 Sent by: questions@FreeBSD.= ORG =20 owner-freebsd-questions@F cc: = =20 reeBSD.ORG Subject: Re: I= PFW question! =20 = =20 = =20 2002-03-11 16:28 = =20 = =20 = =20 Peter, you will need to modify that very sparse basic script to allow a= ny additional services you want, like port 80 for http Internet services..= .. At 02:24 PM 3.11.2002 +0100, Peter Lepp=E4nen wrote: >Hello! > >Installed a box with 4.5-release on it. Added IPFW and rebuilt the ker= nel. >Then I enabled NAT and IPFIREWALL in rc.conf (and disabled some other= stuff). >For start I changed the ipfirewall_type to "OPEN" to check that NAT wo= rked. >And so it did...up to this point everything worked great. >But when I changed the ipfirewall_type to "SIMPLE" I could no longer g= et >out on the Internet =3D(. The simple type should give me access to do = at least DNS >queries and run HTTP. It says so in the rc.firewall file anyway. >The only modification that I have made to the rc.firewall file is addi= ng my >ip, net and mask of my two NICs. > >Is this a known problem or what? Can=B4t find anything about it. > >Can somebody help me before I loose my mind! =3D) > >Regards! > >Peter > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-questions" in the body of the message > > .... our website: http://www.sage-one.net/ Best regards, Jack L. Stone Server Admin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message = To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message