Date: Sun, 5 May 2002 14:49:48 +0200 From: Axel Scheepers <axel@axel.truedestiny.net> To: Kathy Quinlan <katinka@magestower.com> Cc: questions@FreeBSD.ORG Subject: Re: firewalls and ip filtering ?? Message-ID: <20020505144948.E21194@mars.thuis> In-Reply-To: <EGEAIMMIBHIBOPAMFLLBMEFCCNAA.katinka@magestower.com>; from katinka@magestower.com on Thu, May 02, 2002 at 06:28:40PM %2B0800 References: <EGEAIMMIBHIBOPAMFLLBMEFCCNAA.katinka@magestower.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Kathy, On Thu, May 02, 2002 at 06:28:40PM +0800, Kathy Quinlan wrote: > Hi all that was the best subject I could think of lol. > > I need to rebuild my firewall and I am at a loss, I used to use Natd, but > since moving over to ADSL I have used the -nat switch in ppp. how do I > redirect all requests to ppp's nat like I used to do for Natd. That has been a while for me. As I remember correctly you can also set up some basic filtering with ppp, see man ppp and the example in /usr/share/examples/ppp/ppp.conf.sample You'll see that ppp can handle NAT and basic filtering which might be enough for the things you need to do. > > How can I restrict a certain computer to access only selected IP addresses, > yes this is the kids machine, and I find that most net monitoring Winblows > software is useless, It blocks most kids sites IE msn kids etc. So I think > it may be easier to do in FreeBSD than winblows (plus if it is off their > machine they can not try to bypass it (hard when your kids are as geeky as > their parents) you could use something like this in your ppp.conf: set filter out 1 deny ip.of.kids.comp forbidden.site.inet set filter in 2 deny forbidden.site.inet ip.of.kids.comp etc. Remember to define a dial and alive list too, so your gateway won't stay connected or starts dialing for no reason. Things to block might be ports 137-139 for all the windows traffic causing a dialup. > > Regards, > > Kat. > > ____________________________________________________________________________ > /"\ ASCII Ribbon Campaign | K.A.Q. Electronics > \ / - NO HTML/RTF in e-mail | Software and Electronic Engineering > X - NO Word docs in e-mail | Perth Western Australia > / \ | Ph +61 419 923 731 > ____________________________________________________________________________ > > > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.351 / Virus Database: 197 - Release Date: 19/04/2002 > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message Gr, -- Axel Scheepers UNIX System Administrator email: axel@axel.truedestiny.net a.scheepers@iae.nl http://axel.truedestiny.net/~axel ------------------------------------------ Reality is just a convenient measure of complexity. -- Alvy Ray Smith ------------------------------------------ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020505144948.E21194>