Date: Sat, 11 Aug 2001 22:43:16 +0100 From: Richard Smith <rdls@satamatics.com> To: Walentyn@newsguy.com Cc: FreeBSD-Questions@freebsd.org Subject: Re: IPFW STEALTH Message-ID: <20010811224316.A733@gaia.home.rdls.net> In-Reply-To: <200108102043.NAA58331@newsguy.com>; from Walentyn@newsguy.com on Fri, Aug 10, 2001 at 01:43:07PM -0700 References: <200108102043.NAA58331@newsguy.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Aug 10, 2001 at 01:43:07PM -0700, Walentyn@newsguy.com wrote: > After using IPFilter/IPNat and GBLight successfully on different boxes for a > couple of years, I am trying and have set up a working IPFirewall/Natd > firewall on another box. > > One thing eludes me though, with either IPF/Nat or GBL you can easily set up > invisible (stealth) firewalls. How do I make the IPFW/NATD firewall stealth? > > I have read Renaud Waldura most excellent IPFW how-to at: > > http://renaud.waldura.com/doc/freebsd/firewall/ > > wherein he makes reference to a "DROP_SILENT knob" to IPFW. However, I cannot > find it anywhere. I'm not sure exactly what you're looking for, but the kernel option: options IPSTEALTH and the following sysctl's may help: net.inet.tcp.blackhole=2 net.inet.udp.blackhole=1 net.inet.ip.stealth=1 > > Any help would be appreciated. > > Thanks in advance. > > Walentyn > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message -- Richard Smith Network Systems Director Satamatics Ltd Green Lane, Tewkesbury, GL20 8HD, United Kingdom Tel: +44 1684 278610 Fax: +44 1684 278611 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010811224316.A733>