Date: Sun, 1 Jun 1997 22:19:29 -0700 (PDT) From: Julian Elischer <julian@current1.whistle.com> To: Harlan Stenn <Harlan.Stenn@pfcs.com> Cc: hackers@FreeBSD.ORG Subject: Re: Improvements to rc.firewall? Message-ID: <Pine.BSF.3.95.970601221741.23764A-100000@current1.whistle.com> In-Reply-To: <1883.865221686@mumps.pfcs.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 1 Jun 1997, Harlan Stenn wrote: > These diffs are against the rc.firewall in -current. > > I believe the existing rules say: > > allow anybody from the outside who sends from port 53 or 123 to > send UDP packets to anyplace on our net > > If this is true, we should tighten it up ro only permit outsiders to > reach *our* DNS and NTP ports with UDP. > > These diffs *are intended* do the job... > [snip] check out the new ipfw options too. (in -current right now but being tested in 2.2.2 as we speak) julian
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95.970601221741.23764A-100000>