Web server behind ipfw firewall
Fazal Ahmed Malik
fam at solacetel.com
Mon Apr 21 09:27:06 UTC 2008
Hi,
I need help for setting up web server behind IPFW firewall. I have Freebsd
6.0 working as router on LAN with transparent squid. Now I want to setup web
server to be running on private IP please help me in writing IPFW rules to
serve the purpose. Current IPFW rules are as under,
$fwcmd add divert natd all from any to any via vr0
$fwcmd add fwd $external_ip,8080 tcp from not me to any 80
#$fwcmd add fwd $internal_ip log tcp from any to me dst-port 80 in via vr0
#$fwcmd add fwd $internal_ip tcp from any to me dst-port 80 out via re0
$fwcmd add allow log tcp from any to any in tcpflags syn,fin
$fwcmd add check-state
$fwcmd add allow tcp from any to any out keep-state
$fwcmd add allow tcp from any to any via vr0 established
$fwcmd add allow tcp from any to any 21 setup
$fwcmd add allow tcp from any to any 22 setup
$fwcmd add allow tcp from any to any 23 setup
$fwcmd add allow tcp from any to any 43 setup
$fwcmd add allow tcp from any to me 80 setup
$fwcmd add allow tcp from any to any 110 setup
$fwcmd add allow tcp from any to any 143 setup
$fwcmd add allow tcp from any to any 443 setup
$fwcmd add allow tcp from any to any 789 setup
$fwcmd add reset log tcp from any to any 113 in recv vr0
$fwcmd add allow udp from any to any 53 out xmit vr0
$fwcmd add allow udp from any 53 to any in recv vr0
$fwcmd add 03000 allow icmp from me to any
$fwcmd add 04000 allow icmp from any to any
Thanks,
Fazal
No virus found in this outgoing message.
Checked by AVG.
Version: 7.5.524 / Virus Database: 269.23.2/1388 - Release Date: 4/20/2008
3:01 PM
More information about the freebsd-net
mailing list