Date: Mon, 1 Apr 2002 21:38:51 -0500
From: nobody@cyberstreet.com
To: freebsd-security@freebsd.org
Subject: linksys 8 port router and ipfw
Message-ID: <1065771453.20020401213851@email.com>

thanks in advance.

i have 8 windows clients behind a linksys router (befsr81 with updated firmware) on a hub that links to a freebsd box (4.5 release) running natd and connected to the net via cable; no dhcp anywhere. i can make it work, BUT, i am unsure of how well i have done it and how well it is protected. i have omitted the more mundane lo0 and spoofing entries for brevity. xl0 is internal interface.

ipfw rules

    add divert natd all from any to any via xl1
    add check-state
    add allow tcp from "the-router" to any 22 in setup keep-state
    add deny tcp from any to any 22
    add allow all from "the-router" to any keep-state
    add allow all from any to any out

default to deny

#1 how can i change this so it doesn't suck and so that i can browse and ftp from bsd box?

#2 see below, not as important as #1 but i didn't want to cross-post to questions.

***side note*** the strange thing about router. ssh works until i use the router. i googled and found other people that said to change the mtu on the nic and router, didn't work. the router only breaks ssh, (it is in /etc/hosts) you can still browse and ftp. remove the router and all works, without any other changes. i cheated and changed my sshd_config to listen on all interfaces and it will work through the router; not working on xl0 only xl1. i don't think this is, however, the best answer.

again, i thank you all for any time and help.