On Sun, Aug 13, 2006 at 12:04:07PM -0500, Will Twomey wrote: > I have a firewall script set up on a linux machine (Ubuntu). I would > like to replace this machine with an OpenBSD machine for security and > stability reasons, but am unsure if it will work out of the box. > > Could someone please answer these questions for me? > > Is /etc/network/interfaces file on OpenBSD as well? If not, how do I set > up static IPs? > > Is iptables included by default or will I need to recompile the kernel? > > Is the /sbin/ip command the same and included in OpenBSD? (Example: > /sbin/ip addr add dev eth0 ipaddress) > > How do I force an Ethernet's hardware address to be associated with a > certain interface in > OpenBSD? (I had to do this in linux, because the eth's kept randomly > changing after reboots. Probably because of the dual nic PCI cards)
If you are moving to OpenBSD for security reasons then you should rethink your ideas above. You will gain a lot more by learning the OpenBSD tools and methods rather than trying to make OpenBSD emulate your Linux firewall. The very first place to start is to write down your firewall policy in plain words. After doing that, it should be fairly easy to implement this in OpenBSD using the existing documentation in the main FAQ, the PF FAQ, and the man pages. If you are discouraged by this, you should know that running OpenBSD without some knowledge of OpenBSD itself will not give you a secure system. You would be better off securing a system that you know better. The good news is that with the documentation, setting up a firewall with OpenBSD is not very difficult. And once you learn your way around you'll find pf much nicer than iptables. -- Darrin Chandler | Phoenix BSD Users Group [EMAIL PROTECTED] | http://bsd.phoenix.az.us/ http://www.stilyagin.com/ |
