Firewall

John Meyer john at ast.com.na
Tue Apr 1 05:06:59 PST 2003


Good Day.

I have a small problem compared to the problems listed here. I have FreeBSD
v3.1 (fairly old). I have compiled the kernel with
options IPFIREWALL and
options IPDIVERT
options IPFIREWALL_VERBOSE

In my rc.conf file I have
gateway_enable="YES"
firewall_enable="YES"
firewall_type="/etc/firewall.ast"
natd_interface="vx0"
natd_flags=""

In the etc dir I have a file called firewall.ast.

My problem is that I seem to get an error at bootup, as if the ipfw command
were being run without options. I have disabled all the rules in firewall.ast
except the first one:
add 00100 tcp from any to any

When I disable that as well, all seems to work well. It looks like the option
in rc.conf firewall_type="/etc/firewall.ast" does not get interpreted
correctly.

The second problem is that I need to divert port 80 on my public IP to port 80
on a private IP. What are the steps to follow in natd without compromising my
security on the private side?

Thank you very much in advance for any assistance.

John Meyer
AST Namibia



More information about the freebsd-questions mailing list