On Oct 30, 2005, at 6:23 PM, Eric F Crist wrote:
On Oct 30, 2005, at 4:41 PM, [EMAIL PROTECTED] wrote:
Does anyone have a good example of a firewall ruleset for a wireless
interface in a laptop, or a pointer to documentation? I want to use
IPFilter on 6.0 rc1. I want to let all connections out and keep
state,
but block all incoming from the outside.
TIA
That ruleset is easy:
ipfw add check-state
ipfw add allow tcp from me to any setup keep-state
ipfw add allow tcp from any to any established
ipfw add deny from any to me in
This should do the trick.
I forgot a couple of rules here. I'm assuming you want DNS to
function, so here's another rule to add, immediately above the last,
deny, line:
ipfw add allow udp from me to any
ipfw add allow udp from any 53 to me 53
Also, that last line above should read:
ipfw add deny all from any to me in
-----
Eric F Crist
Secure Computing Networks
http://www.secure-computing.net
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
