Firewall concepts
Gobbledegeek
gobbledegeek at gmail.com
Thu Dec 8 04:35:44 PST 2005
Hello Marcus
A firewall on every pc will soon become a nightmare to manage as the
network grows. You could in theory put the pf rules on a read-only
remote filesystem..and have every client access to it, but thats if
you have time for such tricks...
The internet gateway is the place to put your firewall - the one that
has the direct connection to the internet. And make sure no one can
unplug it from the network, or shut down the pf even temporarily.
Rgrds
> Would it be necessary to use a firewall on my client? I like the
> concept of disabling unused services and even binding them to
> interfaces where they belong to and do not expose them to everyone
> on the local net by binding them to localhost. Kind of an heretic
> question, but I am missing the clue where to start..
>
> regards,
> Marcus
>
--
Nonchalantly yours
GobbledeGeek
[Everything but Gobbledegook.. !!]
More information about the freebsd-pf
mailing list