Boy are you naïve.  If firewall protection was that simple every
body would be doing it your way.

I have just completed my final draft of the complete rewrite of the
FBSD handbook firewall section.
Here is the URL where you can access it.

  www.a1poweruser.com/FBSD_firewall/

Give it a read and learn about all your FBSD firewall options

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Kevin
Curran
Sent: Monday, June 14, 2004 9:12 PM
To: [EMAIL PROTECTED]
Subject: Are 4 IPFW rules enough?

I have a cable modem and I'm using 4.9 as a NAT router for my home
network.  I have 4 rules in my ipfw config.  The first enables NAT
and
the last is 65000 allow any to any.

In between I ha 2 rules to deny access to ports 53 and 110 on the
Internet side.  That's all.

Here's my thinking: I use inetd.conf to enable only the services I
want,
therefore the ports on which those services are listening I would
want
open.  The two other ports I want to filter on the WAN side are
filtered
by the rules above.  All the other ports are closed, anyway, so why
spend time debugging an elaborate rule set?





_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"[EMAIL PROTECTED]"

_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to