freebsd-ipfw Digest, Vol 40, Issue 4
Liam Foy
liamfoy at sepulcrum.org
Sun Dec 28 05:46:50 PST 2003
freebsd-ipfw-request at freebsd.org wrote:
>Send freebsd-ipfw mailing list submissions to
> freebsd-ipfw at freebsd.org
>
>To subscribe or unsubscribe via the World Wide Web, visit
> http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
>or, via email, send a message with subject or body 'help' to
> freebsd-ipfw-request at freebsd.org
>
>You can reach the person managing the list at
> freebsd-ipfw-owner at freebsd.org
>
>When replying, please edit your Subject line so it is more specific
>than "Re: Contents of freebsd-ipfw digest..."
>
>
>Today's Topics:
>
> 1. need testers for a ipfw rule generation script! (Boris Staeblow)
> 2. Re: need testers for a ipfw rule generation script!
> (Bjoern A. Zeeb)
> 3. Re: need testers for a ipfw rule generation script!
> (Boris Staeblow)
>
>
>----------------------------------------------------------------------
>
>Message: 1
>Date: Fri, 26 Dec 2003 22:29:55 +0100
>From: Boris Staeblow <bs at dva.in-berlin.de>
>Subject: need testers for a ipfw rule generation script!
>To: freebsd-ipfw at freebsd.org
>Message-ID: <200312262229.55270.bs at dva.in-berlin.de>
>Content-Type: text/plain; charset="iso-8859-1"
>
>Hello,
>
>I need some testers for a ipfw rule generation script.
>Because I have to administer some dialup internet-routers based on FreeBSD I
>?ve
>written this script to simplify the ipfw rule maintainance.
>Many rules are collected from serval FreeBSD forums, HOWTO?S and man-pages.
>
>here is the README:
>
>
>FIRE V1.07, 23 Dec. 2003, first public release
>----------------------------------------------
>
>The "fire" script creates a set of ipfw rules dynamically, depending of
>the settings in the main configuration file.
>
>Although this script is flexible, the main target is a single local network
>with internet-access over an internet-connected device (usually tunX from
>ppp)
>
>- Of course I`m grateful for improvements, as I?m not a firewall
> and script expert!
>- Forgive any mistake in writing.
>- DO NOT TRUST THE RESULTING IPFW-RULES BLINDLY!!! CHECK RULES WITH "ipfw
>list"!
>- USE THIS SCRIPT AT YOUR OWN RISK!
>- Send comments, suggestions and diff?s to bs at dva.in-berlin.de :)
>
>download the latest version at http://dva.dyndns.org
>
>Boris
>
>
>
>------------------------------
>
>Message: 2
>Date: Fri, 26 Dec 2003 22:23:28 +0000 (UTC)
>From: "Bjoern A. Zeeb" <bzeeb-lists at lists.zabbadoz.net>
>Subject: Re: need testers for a ipfw rule generation script!
>To: Boris Staeblow <bs at dva.in-berlin.de>
>Cc: freebsd-ipfw at freebsd.org
>Message-ID:
> <Pine.BSF.4.53.0312262208010.74127 at e0-0.zab2.int.zabbadoz.net>
>Content-Type: TEXT/PLAIN; charset=ISO-8859-1
>
>On Fri, 26 Dec 2003, Boris Staeblow wrote:
>
>
>
>>I need some testers for a ipfw rule generation script.
>>Because I have to administer some dialup internet-routers based on FreeBSD I
>>?ve
>>written this script to simplify the ipfw rule maintainance.
>>Many rules are collected from serval FreeBSD forums, HOWTO?S and man-pages.
>>
>>
>
>I have just scrolled through this thing with pg_down and did not read
>it but there are things that always catch one's eye:
>
>please write 1000x times[1]: port 136 is neither netbios nor microsoft !
>write it like this: 135,137-139,445
>
>[1] the use of scripting languages is permitted ;-)))
>
>
>
After reading about what boris has wrote, I have been working on
something similar but in php.
It will show IPFW statistics, and generate rules much like Metacortex
for OpenBSD. It can work
for both IPFW and IPF once a single configuration has been changed.
Anyone got any comments,
or ideas people would like to see? Anyone think such an idea is useful ?.
Thanks in advance,
-Liam-foy
More information about the freebsd-ipfw
mailing list