Date: Sun, 04 Jul 2004 17:45:50 -0600 From: Scott Stahl <sstahl@shaw.ca> To: 'Pedro Paulo Jr' <ppj@netfilter.com.br>, freebsd-ipfw@freebsd.org Subject: RE: Server FW Rules Message-ID: <0I0C00D3TQ0HZ5@l-daemon> In-Reply-To: <001a01c4621b$71c2fe20$2c1906c9@vilapnq0uu055v>
next in thread | previous in thread | raw e-mail | index | archive | help
These rules don't seem to work. The internal 10.0.0.100 works though. If I issue a IPFW DISABLE FIREWALL all seems to work. Thanks, Scott. -----Original Message----- From: owner-freebsd-ipfw@freebsd.org [mailto:owner-freebsd-ipfw@freebsd.org] On Behalf Of Pedro Paulo Jr Sent: Sunday, July 04, 2004 5:06 PM To: freebsd-ipfw@freebsd.org Subject: Re: Server FW Rules ipfw add 10 allow all from 10.0.0.0/24 to any ipfw add 20 allow tcp from any to EXTERNAL_IP http ipfw add 30 allow tcp from any to EXTERNAL_IP https ipfw add 40 allow tcp from any to EXTERNAL_IP ssh ipfw add 50 allow tcp from any to EXTERNAL_IP ftp <put aditional rules> ipfe deny all from any to any ---------------------------------------------------------------------------- --------------------------- I have a webserver that I would like to get a good set of firewall rules for. The only services that are running are http, https, ssh and ftp. I also have a trusted internal adaptor at 10.0.0.100 Thanks for your input, Scott. _______________________________________________ freebsd-ipfw@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?0I0C00D3TQ0HZ5>