pf on freebsd 6.1 on DMZ in m0n0wall question

2006-07-01 Thread jan gestre

hi to all,

i recently installed and configured
(postfix+dovecot+amavisd-new+clamav+dspam+roundcubemail) in my freebsd
6.1 box, i placed the box in my dmz protected by m0n0wall, however i have no
firewall on the mentioned box and i'm relying on m0n0wall to protect it. is
that ok? i'm new to freebsd and read about pf and i'm having some thoughts
of installing pf as firewall in my webmailserver but i'm afraid to mess
things up especially now that the box is already a production server, do i
really need to install a separate firewall? is it an overkill? if not then
anybody kind enough to lend a working pf configuration that allows http,
smtp and ssh, i've read the handbook but don't understand it much
particularly the firewall thing.

TIA
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]


Re: pf on freebsd 6.1 on DMZ in m0n0wall question

2006-07-01 Thread Darrin Chandler
On Sat, Jul 01, 2006 at 11:46:42PM +0800, jan gestre wrote:
> i recently installed and configured
> (postfix+dovecot+amavisd-new+clamav+dspam+roundcubemail) in my freebsd
> 6.1 box, i placed the box in my dmz protected by m0n0wall, however i have no
> firewall on the mentioned box and i'm relying on m0n0wall to protect it. is
> that ok? i'm new to freebsd and read about pf and i'm having some thoughts
> of installing pf as firewall in my webmailserver but i'm afraid to mess
> things up especially now that the box is already a production server, do i
> really need to install a separate firewall? is it an overkill? if not then
> anybody kind enough to lend a working pf configuration that allows http,
> smtp and ssh, i've read the handbook but don't understand it much
> particularly the firewall thing.

I think you're right not to try this out on your production box. Pf is
nice, and I encourage you to use it, but *please* find a test machine!
Pf works well and it's pretty easy to learn, but you almost certainly
will make mistakes in the beginning.

In addition to the fine Handbook, there's a nice pf faq at
www.openbsd.org/faq/pf/ that explains a lot and has a few ruleset
examples.

If you learn your way on a test box it'll be a snap to put it in
production...

-- 
Darrin Chandler            |  Phoenix BSD Users Group
[EMAIL PROTECTED]          |  http://bsd.phoenix.az.us/
http://www.stilyagin.com/  |
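
An added example, not part of the thread and not written by either poster: a minimal host ruleset of the kind asked about, default-deny with inbound ssh, smtp and http allowed on the mail/webmail box. The interface name `em0` is an assumption; `flags S/SA keep state` is written out because pf of this vintage does not make rules stateful by default.

```conf
# /etc/pf.conf -- host firewall for a DMZ mail/webmail server (added example)
# Assumption: em0 is the DMZ-facing interface; replace with the real one.
ext_if = "em0"

# Inbound services from the question: ssh (22), smtp (25), http (80)
tcp_in = "{ 22, 25, 80 }"

# Normalize and reassemble incoming packets before filtering
scrub in all

# Default deny: log and drop anything inbound that no later rule passes
block in log all

# Loopback carries local traffic between postfix, amavisd-new, clamav, dspam
pass quick on lo0 all

# Inbound: only new TCP connections (SYN set, ACK clear) to the listed ports;
# keep state lets the replies through without a separate rule
pass in on $ext_if inet proto tcp from any to ($ext_if) port $tcp_in \
    flags S/SA keep state

# Outbound: the server's own connections (mail delivery, DNS lookups,
# signature updates), tracked statefully
pass out on $ext_if inet proto tcp all flags S/SA keep state
pass out on $ext_if inet proto { udp, icmp } all keep state
```

`pfctl -nf /etc/pf.conf` parses the file and reports errors without loading the rules, which fits the advice above to work it out on a test machine before touching the production box.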