Date: Wed, 4 Feb 2004 00:54:48 +1100 From: Emmanuel Dwamena <dwamenae@gco.apana.org.au> To: freebsd-questions@FreeBSD.ORG Subject: Re: Which interface do I put natd and ipfw Message-ID: <200402040054.48227.dwamenae@gco.apana.org.au> In-Reply-To: <4465epk3a5.fsf@be-well.ilk.org> References: <200402022344.36084.dwamenae@gco.apana.org.au> <4465epk3a5.fsf@be-well.ilk.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Lowell, Thanks for the info. You are right. I don't need the ip address for the external interface in order to configure the firewall. I couldn't understand the sample files that came with ipfw. I thought I had to follow the sample file the way it was given. Now I know I can change it to the way I want. Thanks once again. regds ed On Tue, 3 Feb 2004 12:40 am, you wrote: > Emmanuel Dwamena <dwamenae@gco.apana.org.au> writes: > > I need help to set up firewall on my freebsd 5.1 box. I have built new > > kernel with ipfw enabled and is working fine. > > I need to know which of the 3 interfaces do I put the natd and ipfw. > > My freebsd 5.1 box has 2 nic cards. ed0 connects to LAN and ed1 connects > > to adsl modem. I use user ppp to setup the connection to the isp who > > assigns dynamic ip address to the tun0 interface. I have no ip address > > assigned to ed1. I have traffc coming in through the tun0 from outside > > to the LAN. Which of the interfaces do I use to block unwanted traffic > > from the internet.- ed1 or tun0? > > tun0 > > > How do I configure the tun0 interface for the firewall since I > > do not know the interface address before hand? > > You have two choices; either don't use the address in the firewall > setup at all (it isn't really useful...) or use the "me" keyword for > the address (see ipfw(8)). > > > Secondly which interface do I > > place natd? > > tun0 -- email: dwamenae@gco.apana.org.au
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200402040054.48227.dwamenae>