Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 10 Aug 2005 05:24:42 +0900
From:      "Tetsuji \"Maverick\" Rai" <maverick31337@vfemail.net>
To:        freebsd-ipfw@freebsd.org
Subject:   firewall/nat question: simple, but no example found
Message-ID:  <42F9110A.5080204@vfemail.net>

Next in thread | Raw E-Mail | Index | Archive | Help
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

I've been using Linux and know iptables well, but I don't know ipfw
although I had been using FreeBSD for 3 years good old days w/o firewall
with dial up connection ;)  So here goes my question.

I am building a FreeBSD gateway at home.   It obtains an external IP
address from ISP dynamically using dhcp and I have two other boxes (and
some virtual boxes) internally using static private network addresses
(192.168.x.x).

I want to set up a firewall/nat so that

1. The gateway (also a web server) accepts tcp port 80 and (probably) 25
from outside. but incoming tcp/udp ports 1-1024,1043,10000 connections
are blocked.
2. Inside private network, nothing is blocked.

Isn't it so simple?  But I cannot find any nice examples...the default
rc.firewall contains examples using the static ip address, but not DHCP.
 I want to specify the interface not ip address.  BTW my external
interface is rl0 (dhcp) and the internal one is fxp0 (static).

Thanks in advance!
- --
Tetsuji 'Maverick' Rai
PGP Key fingerprint = 2021 6BF9 CEA3 73DE FF17  B326 F4DA F04E F784 3B85
gpg fingerprint
Aviation Jokes: http://www.geocities.com/tetsuji_rai/
Profile http://maverick.ns1.name/
http://maverick.IsASecret.com/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFC+REK9NrwTveEO4URAs8KAJ9R+KCeArtI7/op4y3TlHQI3n/wmQCfQ0BF
GeyuJ9dEccxdFFqOfng/yj4=
=54jR
-----END PGP SIGNATURE-----



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?42F9110A.5080204>