Date: Thu, 26 Feb 2004 10:12:08 +0200 From: "Mihai Marie" <mmarie@lasting.ro> To: <freebsd-questions@freebsd.org> Subject: stateful firewall Message-ID: <004f01c3fc40$3a9dea40$37726050@mihai>
next in thread | raw e-mail | index | archive | help
Hello, I want to setup a firewall (on my LAN's gateway) so that the only traffic that pass through is the one initiated from my local network (we have public IP's). My firewall looks like this ipfw add check-state ipfw add deny tcp from any to any established ipfw add allow tcp from $my_lan to any setup keep-state The problems appear when I want to make some ftp traffic with a server that is outside (or any other traffic that tries to open a new separated connection in relation with the one initiated from our LAN). With iptables (in redhat) you can do: iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT but I don't know how can I do something like this using ipfw or another firewall on FreeBSD. Any help would be appreciated, Mihai Marie
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?004f01c3fc40$3a9dea40$37726050>