Date: Mon, 10 Jun 2019 18:42:23 +0800 From: Ganbold Tsagaankhuu <ganbold@gmail.com> To: "Ronald F. Guilmette" <rfg@tristatelogic.com> Cc: freebsd-ipfw@freebsd.org Subject: Re: ipwf firewall stock rule types ? Message-ID: <CAGtf9xPczycXBJjU0p3=RPrNzM8sxX49w0GbsYPgfJVA639TnA@mail.gmail.com> In-Reply-To: <74910.1560155721@segfault.tristatelogic.com> References: <74910.1560155721@segfault.tristatelogic.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jun 10, 2019 at 4:36 PM Ronald F. Guilmette <rfg@tristatelogic.com> wrote: > > I'm setting up a new server, from scratch, and I find that it's always > best to review relevant sections of the Handbook when doing so, especially > if one hasn't done this fopr a long time, which I haven't. > > This page has me a bit puzzled: > > > https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-ipfw.html > > This page says that the stock ipfw firewall rulesets are as follows: > > open: passes all traffic. > client: protects only this machine. > simple: protects the whole network. > closed: entirely disables IP traffic except for the loopback interface. > workstation: protects only this machine using stateful rules. > UNKNOWN: disables the loading of firewall rules. > ... > > I'd just like to know what the differences are between "client" and > "simple". > > Can anyone explain that to me, briefly? > You can quickly look at /etc/rc.firewall script. Ganbold > > _______________________________________________ > freebsd-ipfw@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAGtf9xPczycXBJjU0p3=RPrNzM8sxX49w0GbsYPgfJVA639TnA>