From: Richy Kim
To: 'Pons', freebsd-security@freebsd.org
Date: Tue, 24 Feb 2004 10:09:24 -0500
Subject: RE: improve ipfw rules

>> 3. I'm interested in blocking kazaa/P2P traffic with IPFW any help in this issue

you could possibly block connections at known p2p ports.

    deny tcp from any to any 6699 setup

but most of the newer protocols use dynamic ports and in turn, are configurable.
so ipfw isn't exactly ideal on its own for this.

-r.

-----Original Message-----
From: Pons [mailto:pons@gmx.li]
Sent: Tuesday, February 24, 2004 6:33 AM
To: freebsd-security@freebsd.org
Subject: improve ipfw rules

I have configured a FreeBSD 5.1 rel box 2 NICs (Ext.ip/Int.ip) with ipfw/natd/squid the setup is working