Date: Sat, 13 Apr 1996 21:45:22 +0200 (MET DST) From: Andreas Klemm <andreas@knobel.gun.de> To: Poul-Henning Kamp <phk@critter.tfs.com> Cc: Bill Fenner <fenner@parc.xerox.com>, current@freebsd.org Subject: Re: rc.firewall has some syntax errors and sample config hangs machine Message-ID: <Pine.BSF.3.92.960413212653.6017B-100000@knobel.gun.de> In-Reply-To: <18312.829409918@critter.tfs.com>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- On Sat, 13 Apr 1996, Poul-Henning Kamp wrote: > > It would be fine, if the firewall configurations in /etc/rc.firewall > > could be enhanced. For example one could add more examples, so > > that people could pick up better, what they really need ... > > Well, you see, I kind of expected somebody like you to say something > along those lines. Now, Andreas, you don't have anything really > important scheduled the next couple of weeks ? No ? Fine!. > You see I'm flat out of time right now... ok, as usual ;-)) So you seem to have more important things on your wishlist ;-)) > I'm looking forward to your patches :-) Sorry, I can't promise much in the moment. Was a bit clumsy from me to expect, that you can simply present a well tested clever solution ... This firewall stuff is really not trivial. The biggest problem is, to have the hardware and time to _test_ it. > Maybe rc.firewall needs to be rethought a bit, maybe one file > per example or something, I'm not too happy with the "if false" > thing... Don't say that ... I like the file really much. Because it's well documented and shows, how one could configure a firewall. My only wish was a clever entry for the many people like me, that are connected to the internet via dialup modem && want to have a safe machine. When I was fiddeling around with this I saw, that it's really difficult, to forbid things without breaking the services you need yourself (ftp, telnet, http proxy, uucp over tcp ;-)) Thanks again for making this example and I'll see if I can make a good working and good documented example for PPP... Nice weekend Andreas /// - -- andreas@knobel.gun.de /\/\___ Wiechers & Partner Datentechnik GmbH Andreas Klemm ___/\/\/ $$ Support Unix - aklemm@wup.de $$ pgp p-key http://www-swiss.ai.mit.edu/~bal/pks-toplev.html >>> powered by <<< ftp://sunsite.unc.edu/pub/Linux/system/Printing/aps-491.tgz >>> FreeBSD <<< -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMXAEUvMLpmkD/U+FAQHr/AQAuHWKm5TQs6y+AJ1yj7ebwatRL+5Ern7K S0gxydvL9ikqbjQLqgu2BXgc7kk5THKixVXhBGBcCj7EAzie2ssQ7ZDa7+S8WPoN ikmuU5rShHiDh9SaR1rAr44/cTYI3OFRop2+zUytC44ALdzoCTvLEp6ITbsT9iaq 8OWmnZeuQlg= =GZvv -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.92.960413212653.6017B-100000>