--On May 10, 2006 6:22:11 PM -0700 Mark Jayson Alvarez [EMAIL PROTECTED]
wrote:
I've seen most people allow all outgoing traffic
originating from the firewall itself... Is this really
recommended?? What if the machine have been
compromised and the intruder have installed a program
that let's
I've seen most people allow all outgoing traffic
originating from the firewall itself... Is this really
recommended?? What if the machine have been
A server being a server (and a firewall is nothing but a specific
server) there is no reason one would run a client application from
that machine
On Thursday 27 April 2006 03:10, fbsd wrote:
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of H. Wade
Minter
..
I want all traffic allowed unfettered, except traffic from
particular
IPs to be completely blocked coming in.
Can someone show me
On Thursday 27 April 2006 17:53, RW wrote:
On Thursday 27 April 2006 03:10, fbsd wrote:
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of H. Wade
Minter
..
I want all traffic allowed unfettered, except traffic from
particular
IPs to
On 2006-04-27 17:53, RW [EMAIL PROTECTED] wrote:
On Thursday 27 April 2006 03:10, fbsd wrote:
H. Wade Minter wrote:
I want all traffic allowed unfettered, except traffic from
particular IPs to be completely blocked coming in.
Can someone show me which ipf rules to use to get that result?
I'm not extremely comfortable with doing firewall testing remotely on
production systems, but I need to set up some incoming IP blocks.
I've got a FreeBSD RELENG_5_4 system with public interface rl0.
I want all traffic allowed unfettered, except traffic from particular
IPs
block in quick on rl0 from x.x.x.x to any
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of H. Wade
Minter
Sent: Wednesday, April 26, 2006 8:47 PM
To: [EMAIL PROTECTED]
Subject: Simple firewall question: Blocking a handful of IPs
I'm not extremely
, other).
(eg. www.yahoo.com) using built in freebsd 6.0
firewall?
You can block websites with packet filtering firewall, but
better install some proxy server (/usr/ports/www/oops,
/usr/ports/www/squid). Then you'll be able not only block access by IP
address, but also block access by URL (or part
On 2006-04-06 21:04, ilyana ramlan [EMAIL PROTECTED] wrote:
hello,
i have another question,
Do i have to install IPTable before configuring
hosts.allow file?
There is no such thing as IPTable on FreeBSD.
___
freebsd-questions@freebsd.org mailing
You need to read the firewall section of the freebsd handbook.
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls.
html
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of ilyana
ramlan
Sent: Thursday, April 06, 2006 11:58 PM
To: freebsd
You need to read the firewall section of the freebsd handbook.
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls.
html
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of ilyana
ramlan
Sent: Friday, April 07, 2006 12:04 AM
To: freebsd
ilyana ramlan wrote:
hello,
i have another question,
Do i have to install IPTable before configuring
hosts.allow file?
thanks
No; TCP wrappers are independent of your firewall.
Also, and I'm ready to stand corrected, but iptable
isn't a part of FreeBSD, and aren't even ported AFAIK
Hello,
I have few questions:
1) How do i block websites by typing their url name
(eg. www.yahoo.com) using built in freebsd 6.0
firewall?
2) Do i have to configure the hosts.allow file to
block websites and must i know their IP address to
block websites? Can i block them by their URL names
hello,
i have another question,
Do i have to install IPTable before configuring
hosts.allow file?
thanks
__
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
Hi,
I was configuring the Firewall when I got this message:
Mar 20 11:16:08 bsd-net kernel: ipfw: limit 100 reached on entry 835
And the firewall stoped to create log messages after this message.
What I do need to do to IPFW do not stop writing the log file?
If I change this option
Rodrigo G. Tavares de Souza wrote:
Hi,
I was configuring the Firewall when I got this message:
Mar 20 11:16:08 bsd-net kernel: ipfw: limit 100 reached on entry 835
And the firewall stoped to create log messages after this message.
What I do need to do to IPFW do not stop writing
On 20/3/06 14:57, Rodrigo G. Tavares de Souza
[EMAIL PROTECTED] wrote:
Hi,
I was configuring the Firewall when I got this message:
Mar 20 11:16:08 bsd-net kernel: ipfw: limit 100 reached on entry 835
And the firewall stoped to create log messages after this message.
What I
in your httpd.conf - it's rather useless and it will add a
dependency on DNS to your web services.
WAN. People have tried pinging and browsing, with no success.
then I would review the rules...
Relevant rules text(and based on both startup text and behaviour of
the firewall for other
andrew clarke [EMAIL PROTECTED] writes:
Is it possible to configure the FreeBSD firewall to block ports on a
per-user or per-executable basis?
If your firewall is PF, you can use authpf(8) to configure per user rule sets.
--
Peter N. M. Hansteen, member of the first RFC 1149 implementation
All right. I've got my firewall up and running, and my workstation can
get almost anywhere it needs to just fine.
The lone exception being the web server located on the firewall machine
itself.
I can access it by directly referencing the private-interface IP, but if
my workstation tries
Brian Bobowski wrote:
All right. I've got my firewall up and running, and my workstation can
get almost anywhere it needs to just fine.
you dont' say if you are using ipfw, ipf , pf
I can access it by directly referencing the private-interface IP, but if
my workstation tries to get
Norberto Meijome wrote:
Brian Bobowski wrote:
All right. I've got my firewall up and running, and my workstation can
get almost anywhere it needs to just fine.
you dont' say if you are using ipfw, ipf , pf
Sure I do. IPFW; mentioned lower down.
I can access it by directly
Brian Bobowski wrote:
Norberto Meijome wrote:
Brian Bobowski wrote:
All right. I've got my firewall up and running, and my workstation can
get almost anywhere it needs to just fine.
you dont' say if you are using ipfw, ipf , pf
Sure I do. IPFW; mentioned lower down.
sorry
on both startup text and behaviour of the
firewall for other tasks, I know the rules file is being parsed)
excerpted below:
---
cmd=ipfw -q add
pif=rl0 #Interface which opens to the WAN; NAT interface
prif=ed0 #LAN interface, private-side
ks=keep-state
# More stuff here...
$cmd 400 allow udp from
Is it possible to configure the FreeBSD firewall to block ports on a
per-user or per-executable basis?
eg.
- Block /usr/local/bin/irc from connecting to TCP port 6667
- Block user 'johnsmith' from connecting to TCP port 21
etc.
Thanks.
Regards
Andrew
: fine grained firewall?
Is it possible to configure the FreeBSD firewall to block ports on a
per-user or per-executable basis?
eg.
- Block /usr/local/bin/irc from connecting to TCP port 6667
- Block user 'johnsmith' from connecting to TCP port 21
etc.
Thanks.
Regards
Andrew
andrew clarke wrote:
Is it possible to configure the FreeBSD firewall to block ports on a
per-user or per-executable basis?
eg.
- Block /usr/local/bin/irc from connecting to TCP port 6667
- Block user 'johnsmith' from connecting to TCP port 21
Yes to users (if the connections originate
[mailto:[EMAIL PROTECTED] On Behalf Of Chuck Swiger
Sent: Thursday, February 09, 2006 4:30 AM
To: andrew clarke
Cc: freebsd-questions@freebsd.org
Subject: Re: fine grained firewall?
andrew clarke wrote:
Is it possible to configure the FreeBSD firewall to block ports on a
per-user
On Thu, Feb 09, 2006 at 07:30:17AM -0500, Chuck Swiger wrote:
Is it possible to configure the FreeBSD firewall to block ports on a
per-user or per-executable basis?
eg.
- Block /usr/local/bin/irc from connecting to TCP port 6667
- Block user 'johnsmith' from connecting to TCP
andrew clarke wrote:
On Thu, Feb 09, 2006 at 07:30:17AM -0500, Chuck Swiger wrote:
[ ... ]
Yes to users (if the connections originate from the firewall box), no to
per-executables. The latter seems useless when cp irc myirc is all it
would
take to defeat it. Frankly, neither option is very
Hi, thanks for the replies.
As per Chuck's request, I've lamped together the output of the suggested
commands and got the current kernel configuration and put them online for
you to take a look at and see what you think.
http://www.sisko.net/bridge/dmesg.txt
Hi there. I wonder if somebody could help me with an issue I'm experiencing.
I've put together a bridging firewall using FreeBSD 5.X. The traffic routes
through fine and presently I'm using IPFW, default policy is set to deny,
with certain rules/ports allowed to pass through. The three
served by HTTP, and sending a link.
I've put together a bridging firewall using FreeBSD 5.X. The traffic routes
through fine and presently I'm using IPFW, default policy is set to deny,
with certain rules/ports allowed to pass through. The three interfaces that
are being bridged are all gigabit
and cause
I beleive other firewall solution (iptable or ipchain whatever is the
newest) have rate limiting for specific kind of traffic, so this
should prevent DoS, but as far as I remember ipfw has no such feature.
Olivier
___
freebsd-questions
P.S.
I ought to have mentioned I'm DHCP. And,as a further aside to this -
you see,
I REALLY DO KNOW JACK-ALL - why is it considered bad form to turn off ones
broadband connection ? I do it every day, no problems in re-connecting... I
have, after my last posting I Mamma'd around a bit,
Hi
I am interested implementing a firewall in SW that has similar
features as a Cisco PIX firewall. But, I don't want to roll
my own ipfw statements. A nice gui would be nice. From the
ports index I see things like:
dante-1.1.15 A circuit-level firewall/proxy
cp2fwb-0.6
I am interested implementing a firewall in SW that has similar
features as a Cisco PIX firewall. But, I don't want to roll
my own ipfw statements. A nice gui would be nice. From the
ports index I see things like:
dante-1.1.15 A circuit-level firewall/proxy
cp2fwb-0.6
: Thursday, January 12, 2006 11:31
To: [EMAIL PROTECTED]
Subject: Looking for SW Firewall
Hi
I am interested implementing a firewall in SW that has similar
features as a Cisco PIX firewall. But, I don't want to roll
my own ipfw statements. A nice gui would be nice. From the
ports index I see things
Hi all,
This probably isn't a FreeBSD-specific problem, but it's vexing nonetheless.
So we have our servers accessing the outside world through their own
firewall on a FreeBSD machine. Nothing too fancy, just routing
traffic and shutting off unused ports. However, this morning the
ethernet
Matt Singerman wrote:
Hi all,
This probably isn't a FreeBSD-specific problem, but it's vexing nonetheless.
So we have our servers accessing the outside world through their own
firewall on a FreeBSD machine. Nothing too fancy, just routing
traffic and shutting off unused ports. However
Hi,
I recently installed FreeBSD 6-Release on my AMD AthlonXP box. I
recompiled the kernel with 'cvstag=6_RELENG' with firewall enabled and
everything went smoothly. I buildworld, compiled kernel and installed it.
And after installing the world in single user mode, I tried to boot into
newly
siva m wrote:
Hi,
I recently installed FreeBSD 6-Release on my AMD AthlonXP box. I
recompiled the kernel with 'cvstag=6_RELENG' with firewall enabled and
everything went smoothly. I buildworld, compiled kernel and installed it.
And after installing the world in single user mode, I tried
On Saturday 26 November 2005 12:02 pm, siva m wrote:
Hi,
I recently installed FreeBSD 6-Release on my AMD AthlonXP box.
I recompiled the kernel with 'cvstag=6_RELENG' with firewall
enabled and everything went smoothly. I buildworld, compiled kernel
and installed it. And after installing
On 2005-11-26 12:02, siva m [EMAIL PROTECTED] wrote:
Hi,
I recently installed FreeBSD 6-Release on my AMD AthlonXP
box. I recompiled the kernel with 'cvstag=6_RELENG' with
firewall enabled and everything went smoothly. I buildworld,
compiled kernel and installed it.
Hi,
Please do
Take a look at m0n0wall on steroids: http://www.pfsense.com/
On 11/20/05, Sanjay Arora [EMAIL PROTECTED] wrote:
I am looking for any open source project that can help me build
manage, preferably through a GUI, a multi WAN firewall gateway to the
internet, with DMZ, load-sharing, traffic
I am looking for any open source project that can help me build
manage, preferably through a GUI, a multi WAN firewall gateway to the
internet, with DMZ, load-sharing, traffic bifurcation on priority/port
and auto-ISP failover on any WAN link with IDS/IPS, NAT VPN features.
I am not necessarily
On 11/17/05 21:21 Sasa Stupar said the following:
--On 17. november 2005 18:19 +0800 Dinesh Nair [EMAIL PROTECTED] wrote:
it's a freebsd 4.11 based system with a nice UI.
Hmmm, this looks interesting.
and there's now an ALPHA release based on freebsd 6.0-RELEASE.
one thing we've noticed
Hi!
I am about to set up a router with FBSD 5.4 for SOHO network. There will be
no servers running, only inet access for the users but I'd like to make
traffic limitation for users (download and upload). Which firewall of the
three one explained in the handbook do you recommend?
Regards
On 11/17/05 18:15 Sasa Stupar said the following:
Hi!
I am about to set up a router with FBSD 5.4 for SOHO network. There will
be no servers running, only inet access for the users but I'd like to
you could try using m0n0wall, http://m0n0.ch/wall/
it's a freebsd 4.11 based system with a
Sasa Stupar wrote:
Hi!
I am about to set up a router with FBSD 5.4 for SOHO network. There will
be no servers running, only inet access for the users but I'd like to
make traffic limitation for users (download and upload). Which firewall
of the three one explained in the handbook do you
--On 17. november 2005 18:19 +0800 Dinesh Nair [EMAIL PROTECTED] wrote:
On 11/17/05 18:15 Sasa Stupar said the following:
Hi!
I am about to set up a router with FBSD 5.4 for SOHO network. There will
be no servers running, only inet access for the users but I'd like to
you could try
On Thursday 17 November 2005 10:15, Sasa Stupar wrote:
Hi!
I am about to set up a router with FBSD 5.4 for SOHO network. There will be
no servers running, only inet access for the users but I'd like to make
traffic limitation for users (download and upload). Which firewall of the
three one
Sasa Stupar wrote:
--On 17. november 2005 18:19 +0800 Dinesh Nair [EMAIL PROTECTED]
wrote:
On 11/17/05 18:15 Sasa Stupar said the following:
Hi!
I am about to set up a router with FBSD 5.4 for SOHO network. There
will
be no servers running, only inet access for the users but I'd
* Sasa Stupar [EMAIL PROTECTED] [2005-11-17 11:15:14 +0100]:
I am about to set up a router with FBSD 5.4 for SOHO network. There
will be no servers running, only inet access for the users but I'd
like to make traffic limitation for users (download and upload). Which
firewall of the three one
I have a fresh FreeBSD 4.11 server installed with multiple
IP's and am wondering if there is some type of default
firewall running?
The problem is that after logging in, can not telnet to
either localhost or to one of the IP's, but can telnet to the
other IP that is assigned
telnet
Nmap run completed -- 1 IP address (1 host up) scanned in 5.037 seconds
So now I need to see about adjusting that filtering in the rules I guess?
Is this some firewall thing in FreeBSD that is running by default?
Thanks
Lonnie
Steve Bertrand wrote:
I have
Greetings All,
I have a fresh FreeBSD 4.11 server installed with multiple IP's and am
wondering if there is some type of default firewall running?
The problem is that after logging in, can not telnet to either localhost
or to one of the IP's, but can telnet to the other IP that is assigned
On 11/8/05, Lonnie Cumberland [EMAIL PROTECTED] wrote:
Greetings All,
I have a fresh FreeBSD 4.11 server installed with multiple IP's and am
wondering if there is some type of default firewall running?
I don't believe there will be a firewall running unless you have
specifically enabled
Lonnie Cumberland wrote:
Greetings All,
I have a fresh FreeBSD 4.11 server installed with multiple IP's and am
wondering if there is some type of default firewall running?
The problem is that after logging in, can not telnet to either localhost
or to one of the IP's, but can telnet
On Oct 30, 2005, at 6:23 PM, Eric F Crist wrote:
On Oct 30, 2005, at 4:41 PM, [EMAIL PROTECTED] wrote:
Does anyone have a good example of a firewall ruleset for a wireless
interface in a laptop, or a pointer to documentation? I want to use
IPFilter on 6.0 rc1. I want to let all connections
On 2005-10-30 17:41, [EMAIL PROTECTED] wrote:
Does anyone have a good example of a firewall ruleset for a wireless
interface in a laptop, or a pointer to documentation? I want to use
IPFilter on 6.0 rc1.
I'd strongly recommend pf(4) over IP Filter. The PF firewall
seems to have all
On 2005-10-30 18:23, Eric F Crist [EMAIL PROTECTED] wrote:
On Oct 30, 2005, at 4:41 PM, [EMAIL PROTECTED] wrote:
Does anyone have a good example of a firewall ruleset for a
wireless interface in a laptop, or a pointer to documentation?
I want to use IPFilter on 6.0 rc1. I want to let all
On 2005-10-31 16:45, Giorgos Keramidas [EMAIL PROTECTED] wrote:
On 2005-10-30 18:23, Eric F Crist [EMAIL PROTECTED] wrote:
On Oct 30, 2005, at 4:41 PM, [EMAIL PROTECTED] wrote:
Does anyone have a good example of a firewall ruleset for a
wireless interface in a laptop, or a pointer
On Oct 29, 2005, at 10:32 PM, Daniel Molina Wegener wrote:
Hello,
How can I add firewall log messages to syslogd, I have
added the following lines to the syslog.conf:
# router
+router
*.* /var/log/router.log
Also, syslogd is running with the flag -a with the ip
On Sun, Oct 30, 2005 at 09:22:39AM -0600,
Eric F Crist wrote:
On Oct 29, 2005, at 10:32 PM, Daniel Molina Wegener wrote:
Hello,
How can I add firewall log messages to syslogd, I have
added the following lines to the syslog.conf:
# router
+router
Does anyone have a good example of a firewall ruleset for a wireless
interface in a laptop, or a pointer to documentation? I want to use
IPFilter on 6.0 rc1. I want to let all connections out and keep state,
but block all incoming from the outside.
TIA
On Oct 30, 2005, at 4:41 PM, [EMAIL PROTECTED] wrote:
Does anyone have a good example of a firewall ruleset for a wireless
interface in a laptop, or a pointer to documentation? I want to use
IPFilter on 6.0 rc1. I want to let all connections out and keep
state,
but block all incoming from
On 10/31/05, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
Does anyone have a good example of a firewall ruleset for a wireless
interface in a laptop, or a pointer to documentation? I want to use
IPFilter on 6.0 rc1. I want to let all connections out and keep state,
but block all incoming from
in message [EMAIL PROTECTED],
wrote Vitaly Cherny thusly...
On 10/31/05, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
Does anyone have a good example of a firewall ruleset for a wireless
interface in a laptop, or a pointer to documentation? I want to use
IPFilter on 6.0 rc1. I want to let
Hello,
How can I add firewall log messages to syslogd, I have
added the following lines to the syslog.conf:
# router
+router
*.* /var/log/router.log
Also, syslogd is running with the flag -a with the ip
address of the firewall -- the mask, and service
to retrieve ports and so
forth. I'm suspecting either a routing or firewall issue. I'm using pf and
am natting all traffic from this new box to my external interface and
passing all traffic, that should be working. My network range is 10.8.0.0
and the range for this new box is 10.10.0.0 i believe my
, this part works but the box can't get to the
net to retrieve ports and so forth. I'm suspecting either a routing
or firewall issue. I'm using pf and am natting all traffic from
this new box to my external interface and passing all traffic, that
should be working. My network range is 10.8.0.0
On Oct 25, 2005, at 2:00 PM, Dave wrote:
Hi,
The netmask for my working setup is 255.255.0.0 same for the
nonworking setup. I am starting to wondering since the boxes are in
two different subnets if they need a route to each other?
Thanks.
Dave.
Yes, they do.
Hey all. I'm relatively new to shell scripting and I'm looking for
some comments on my firewall script.
Comments on either the ipfw rules themselves or on my scripting lack
of ability would be appreciated.
Thanks.
nerp.firewall
Description: Binary data
On Oct 23, 2005, at 10:44 AM, Eric F Crist wrote:
Hey all. I'm relatively new to shell scripting and I'm looking for
some comments on my firewall script.
Comments on either the ipfw rules themselves or on my scripting
lack of ability would be appreciated.
Thanks.
nerp.firewall
Eric F Crist wrote:
Hey all. I'm relatively new to shell scripting and I'm looking for
some comments on my firewall script.
Comments on either the ipfw rules themselves or on my scripting lack of
ability would be appreciated.
Ugh. :-) IPFW knows how to increment rule numbers all
On Oct 23, 2005, at 11:12 AM, Chuck Swiger wrote:
Eric F Crist wrote:
Hey all. I'm relatively new to shell scripting and I'm looking
for some comments on my firewall script.
Comments on either the ipfw rules themselves or on my scripting
lack of ability would be appreciated.
Ugh
scripts, but it
scatters your IPFW rules into different places. I'd rather see
something that closely resembles what ipfw list gives you.
The reasoning behind this is so I have a single firewall script for all
of my servers. At some point in the very near future, there will be a
cron job
adding a minor note, to make
sure you Eric don't get the wrong impression that a firewall is an
absolute *requirement* to block these.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
on
the firewall, but I'm thinking since the DNS is going to be chrooted,
it would be ok, no ?
What do you think ?
Thank you !
You're better off not installing and running a DNS server on your
firewall. I would recommend you simply turn your new machine into
your primary DNS server and ask/pay someone
Hi,
I'm getting a second machine next week and was wondering if the
following settup would be ok:
1st machine pf + NAT and also primary DNS
2nd machine as a secondary DNS
Now I know that its not the smartest thing to do, have primary DNS on
the firewall, but I'm thinking since the DNS is going
.
It looks to me like either ipf or ipfilter are equally good, and have
about the same capabilities, as well as being provided as part of the
base system. Is there any good, technical reason why I should prefer
one to the other?
My second question is about updating the firewall rules: under Linux,
I use
and enables you to set priorities or reserve
bandwidth to certain types of traffic.
If you need traffic accounting, then I have yet to see something
that works for pf, while with ipfilter it's fairly easy.
My second question is about updating the firewall rules: under Linux,
I use a helper
On Thu, 20 Oct 2005, Foo Ji-Haw wrote:
Thanks for the brief breakdown on ipf and ipfilter. But what about ipfw? I
like the 'auto-swap ruleset' feature, as well as account. Does ipfw do them
as well? Thanks.
No idea, never used it and I don´t plan to. I'm using pf now, it
does what I need
Daniel Pittman wrote:
It looks to me like either ipf or ipfilter are equally good, and have
about the same capabilities,
While you are getting started and to test rules you could use
/etc/hosts.allow also.
You may already be familiar with it from other OSs.. We use to keep a
list of what
I have installed FreeBSD 5.4 on my Dell Inspiron 8200 using WiFi to
access the Internet.
My question is what are the pros and cons of running a firewall on my
client, e.g. is it really necessary.
I mean it's not like I am running Windows and have to bloat it with all
McAfee, Zonealarm ad
--On Wednesday, September 21, 2005 21:05:36 +0200 Kiffin Gish
[EMAIL PROTECTED] wrote:
I have installed FreeBSD 5.4 on my Dell Inspiron 8200 using WiFi to
access the Internet.
My question is what are the pros and cons of running a firewall on my
client, e.g. is it really necessary.
I mean
On Wed, 21 Sep 2005 21:05:36 +0200
Kiffin Gish [EMAIL PROTECTED] wrote:
I have installed FreeBSD 5.4 on my Dell Inspiron 8200 using WiFi to
access the Internet.
My question is what are the pros and cons of running a firewall on my
client, e.g. is it really necessary.
I mean it's
On Wed, 2005-09-21 at 19:20 +, Marcin Jessa wrote:
On Wed, 21 Sep 2005 21:05:36 +0200
Kiffin Gish [EMAIL PROTECTED] wrote:
I have installed FreeBSD 5.4 on my Dell Inspiron 8200 using WiFi to
access the Internet.
My question is what are the pros and cons of running a firewall
On Wed, Sep 21, 2005 at 09:05:36PM +0200, Kiffin Gish wrote:
I have installed FreeBSD 5.4 on my Dell Inspiron 8200 using WiFi to
access the Internet.
My question is what are the pros and cons of running a firewall on my
client, e.g. is it really necessary.
A pro would be that a firewall
.
But since many dc hubs, edonkey servers, bittorents web trackers and so on
use dynamic not standard ports, how to control it ?
I havent seen any way to control traffic for P2P apps reliably @ the
protocol layer, u need to inspect it. Something like snort attached to
your firewall, i guess
it.
you need to analyse the packets.
Something like snort attached to
your firewall, i guess ... though it'd be a reverse IDS (or a reverse
IPS, intrusion prevention system, I've seen it called...)
... which would update/feed rules to the firewall / packet filter. aka
proxy...maybe SOCKS
Hi,
I'm trying to setup a Firewall/NAT/Traffic Shapper server using FreeBSD 5.3
I install all the packages, including kernel sources...everything's ok.
Then I activate ipnat and natd in rc.conf and all the clients behind the
router can access the Internet.
But, if I want to install dummynet (i
sourceforge freeware and , it is based on
iptables, defination application protocols like ethereal project do.
So, is there any way to do same application layer osi model firewall with
FreeBSD gateway ?
Of course, I tried to find on web, I have not been successful in searching
so far.
If my
... but you know, proxy is not what I am asking, proxy is not firewall.
We do not need to restrict everything and all members.
We like full routeable network with full access to IPv6 / IPv4 internet
without any necessary action like configure proxy clients at all pc´s our
members.
We only want
On 8/30/05, Ionut Anghel [EMAIL PROTECTED] wrote:
Hi,
I'm trying to setup a Firewall/NAT/Traffic Shapper server using FreeBSD 5.3
I install all the packages, including kernel sources...everything's ok.
Then I activate ipnat and natd in rc.conf and all the clients behind the
router can
On 2005-08-23 09:47, Dmitry Mityugov wrote:
On 8/20/05, Giorgos Keramidas [EMAIL PROTECTED] wrote:
[Writing about the need for a firewall.]
It takes about 4-5 seconds when I connect with my dialup account
from home and then incoming connections start coming from spyware,
trojans and misc. other
well. I run it on dial-up ppp but haven't set
up any firewall. Should I be setting one up?
Yes, definitely.
It takes about 4-5 seconds when I connect with my dialup account from
home and then incoming connections start coming from spyware, trojans
and misc. other scanners
Hey guys,
I'm a newbie and have got my box all set up with FreeBSD 5.4, fluxbox
wm, firefox, thunderbird etc... It's all looking awesome, with
transparency, and working well. I run it on dial-up ppp but haven't set
up any firewall. Should I be setting one up? If so, do I use one
firewall. Should I be setting one up?
Yes, definitely.
It takes about 4-5 seconds when I connect with my dialup account from
home and then incoming connections start coming from spyware, trojans
and misc. other scanners :-)
If so, do I use one of the bundled firewalls or can someone recommend
one
401 - 500 of 1122 matches
Mail list logo