From: Joe Vender <[EMAIL PROTECTED]>
> I've enabled the firewall in /etc/rc.conf via:
> firewall_enable="YES"
> firewall_type="client"
>
> But, ports 0 and 1 show as CLOSED, not STEALTHED at grc.com shieldsup! scan.
> I'm on a standalone desktop computer with no LAN and am using a dialup
> connection to access the internet. I've set the firewall type to "client".
> What changes do I need to make to the firewall configuration file in order to
> stealth the ports without causing any local problems?
>
> Joe Vender
>

Hi Joe,

It's been a while since I used FreeBSD as a firewall, but I believe I had to
enable the following sysctls:
As root, do:

sysctl net.inet.udp.blackhole=1

do the same for:

net.inet.tcp.blackhole=2

You can use either a "1" or "2" for TCP. I would use a "2".

man blackhole - for more details.

If they work for you, add them to /etc/sysctl.conf as just:
net.inet.tcp.blackhole=2; so they'll be turned on when you reboot.

Bob
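
The procedure in the reply above (set both sysctls on the running system, re-test, then record them for the next boot), as an added example that is not part of the original thread. The SYSCTL_CONF override, the BLACKHOLE_SETTINGS variable and the function names are assumptions made here; entries are written to the file as plain name=value lines.

```shell
#!/bin/sh
# Added example (not from the original thread). SYSCTL_CONF is an assumption
# made here so the persistence step can be tried on a scratch file first.
SYSCTL_CONF="${SYSCTL_CONF:-/etc/sysctl.conf}"
# Values named in the reply: UDP blackhole 1, TCP blackhole 2.
BLACKHOLE_SETTINGS="net.inet.udp.blackhole=1 net.inet.tcp.blackhole=2"

# set_conf_value FILE NAME VALUE
# Leave exactly one plain "NAME=VALUE" line in FILE, replacing any earlier
# assignment of NAME and keeping every other line (comments included).
set_conf_value() {
    cf_file=$1; cf_name=$2; cf_value=$3
    [ -f "$cf_file" ] || touch "$cf_file" || return 1
    cf_tmp=$(mktemp "${TMPDIR:-/tmp}/sysctlconf.XXXXXX") || return 1
    awk -v n="$cf_name" '
        { line = $0; sub(/^[ \t]+/, "", line) }
        index(line, n "=") == 1 { next }   # drop the old assignment
        { print }
    ' "$cf_file" > "$cf_tmp" || { rm -f "$cf_tmp"; return 1; }
    printf '%s=%s\n' "$cf_name" "$cf_value" >> "$cf_tmp"
    # Overwrite in place so the file keeps its owner and mode.
    if cat "$cf_tmp" > "$cf_file"; then cf_rc=0; else cf_rc=1; fi
    rm -f "$cf_tmp"
    return "$cf_rc"
}

# apply_runtime: set each value on the running kernel and read it back.
apply_runtime() {
    for kv in $BLACKHOLE_SETTINGS; do
        sysctl "$kv" >/dev/null || return 1
        [ "$(sysctl -n "${kv%%=*}")" = "${kv#*=}" ] || return 1
    done
}

# persist_settings: record the values in SYSCTL_CONF for the next boot.
persist_settings() {
    for kv in $BLACKHOLE_SETTINGS; do
        set_conf_value "$SYSCTL_CONF" "${kv%%=*}" "${kv#*=}" || return 1
    done
}

# Usage (as root on FreeBSD): "apply", repeat the port scan, then "persist".
case "${1:-}" in
    apply)   apply_runtime ;;
    persist) persist_settings ;;
esac
```

Running the persist step twice leaves a single line per setting, so it is safe to repeat after changing the TCP value between 1 and 2.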