Application layer firewall on FreeBSD, is it possible ?
Chris Dionissopoulos
dionch at freemail.gr
Wed Aug 31 00:39:26 GMT 2005
>So is it possible on FreeBSD OS ?
... or try this one:
/usr/ports/security/snort_inline
with this guide:
http://freebsd.rogness.net/snort_inline/
a very quick example:
your ipfw rules:
00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
00300 deny ip from 127.0.0.0/8 to any
02000 divert 666 ip from any to any
65000 allow ip from any to any
65535 deny ip from any to anywhile your gateway running:snort_inline -J 666 -c snort_with_p2p_rules.confChris.
____________________________________________________________________
http://www.freemail.gr - äůńĺÜí őđçńĺóßá çëĺęôńďíéęďý ôá÷őäńďěĺßďő.
http://www.freemail.gr - free email service for the Greek-speaking.
More information about the freebsd-ipfw
mailing list