Re: How to stealth ports 0 and 1 on FBSD 6.2

2007-01-31 Thread Bob Middaugh
From: Joe Vender [EMAIL PROTECTED]
 I've enabled the firewall in /etc/rc.conf via:
 firewall_enable=YES
 firewall_type=client
 
 But, ports 0 and 1 show as CLOSED, not STEALTHED at grc.com shieldsup! scan. 
 I'm on a standalone desktop computer with no LAN and am using a dialup 
 connection to access the internet. I've set the firewall type to client. 
 What changes do I need to make to the firewall configuration file in order to 
 stealth the ports without causing any local problems?
 
 Joe Vender
 
Hi Joe,
It's been a while since I used FreeBSD as a firewall, but I believe I had to 
enable the following sysctls:

As root, do:

sysctl net.inet.udp.blackhole=1

do the same for:
net.inet.tcp.blackhole=2

You can use either a 1 or 2 for TCP.  I would use a 2.

man blackhole - for more details. 

If they work for you, add them to /etc/sysctl.conf as just: 
net.inet.tcp.blackhole=2, so they'll be turned on when you reboot.

Bob
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
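
An added example, not part of the original thread: a shell sketch of the persistence step from the reply above, writing both blackhole settings into a sysctl.conf-style file so that repeated runs do not create duplicate or conflicting lines. The helper names (set_conf_key, get_conf_key, persist_blackhole) are hypothetical; the keys and values are the ones given in the reply.

```shell
#!/bin/sh
# Added example (not from the thread): persist the blackhole settings from
# the reply into a sysctl.conf-style file without creating duplicate lines.

# set_conf_key FILE KEY VALUE (hypothetical helper)
# Rewrites the first active "KEY=..." line, drops later duplicates, and
# appends the setting if the key is absent. Commented-out lines are kept.
set_conf_key() {
    file=$1; key=$2; value=$3
    tmp=$(mktemp) || return 1
    awk -v k="$key" -v v="$value" '
        BEGIN { FS = "=" }
        { name = $1; gsub(/[ \t]/, "", name) }
        name == k { if (!seen) print k "=" v; seen = 1; next }
        { print }
        END { if (!seen) print k "=" v }
    ' "$file" > "$tmp" || { rm -f "$tmp"; return 1; }
    # cat into place so the target keeps its owner and mode
    cat "$tmp" > "$file" && rm -f "$tmp"
}

# get_conf_key FILE KEY (hypothetical helper): print the last active value.
get_conf_key() {
    awk -F= -v k="$2" '
        { n = $1; gsub(/[ \t]/, "", n) }
        n == k { v = $2; gsub(/[ \t]/, "", v) }
        END { print v }
    ' "$1"
}

# persist_blackhole [FILE]: values are the ones given in the reply.
persist_blackhole() {
    conf=${1:-/etc/sysctl.conf}
    [ -f "$conf" ] || : > "$conf"
    set_conf_key "$conf" net.inet.udp.blackhole 1 &&
    set_conf_key "$conf" net.inet.tcp.blackhole 2
}

# On the FreeBSD host, as root, after testing the runtime settings:
#   sysctl net.inet.udp.blackhole=1
#   sysctl net.inet.tcp.blackhole=2
#   persist_blackhole /etc/sysctl.conf
```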


How to stealth ports 0 and 1 on FBSD 6.2

2007-01-30 Thread Joe Vender
I've enabled the firewall in /etc/rc.conf via:
firewall_enable=YES
firewall_type=client

But, ports 0 and 1 show as CLOSED, not STEALTHED at grc.com shieldsup! scan. 
I'm on a standalone desktop computer with no LAN and am using a dialup 
connection to access the internet. I've set the firewall type to client. 
What changes do I need to make to the firewall configuration file in order to 
stealth the ports without causing any local problems?

Joe Vender