Date: Sun, 25 Mar 2001 10:28:33 -0800
From: Ron 'The InSaNe One' Rosson <insane@lunatic.oneinsane.net>
To: Randy Bush <randy@psg.com>
Cc: FreeBSD Stable <freebsd-stable@freebsd.org>
Subject: Re: ipf idiot wants to roam
Message-ID: <20010325102833.A67418@lunatic.oneinsane.net>
In-Reply-To: <E14hExB-0003q8-00@rip.psg.com>; from randy@psg.com on Sun, Mar 25, 2001 at 10:09:25AM -0800
References: <E14hExB-0003q8-00@rip.psg.com>

Randy Bush (randy@psg.com) wrote:
> [ i can find no list for ipf questions.  if folk know of one, please tell
>   me. ]
>
> installing ipf on a machine which roams and therefore changes both
> interfaces (wi0, ep0, and tun0) and ip addresses.  trying to come up
> with a ipf.rules as a first time ipf user.  help appreciated
>
> randy
>

Here is what I use.

# Ruleset taken from http://www.obfuscation.org/ipf/ipf-howto.txt
# Section 7.1
pass in quick on lo0 all
pass out quick on lo0 all

block in log all
block out all

# This allows for AUTH
pass in quick proto tcp from any to any port = 113 flags S/SA keep state
# This allows for FTP
pass in quick proto tcp from any port = 20 to any port 39999 >< 45000 flags S/SA keep state

pass out quick proto icmp from any to any keep state
pass out quick proto tcp/udp from any to any keep state keep frags

I allow 113 because I tend to IRC a lot. ;-)

TIA
-- 
------------------------------------------------------------------------------
Ron Rosson                          ... and a UNIX user said ...
The InSaNe One                               rm -rf *
insane@oneinsane.net                and all was /dev/null and *void()
------------------------------------------------------------------------------
Give a man a fish and you feed him for a day; teach him to use the Net
and he won't bother you for weeks.