problem with IPFILTER

Andras Kende andras at kende.com
Wed Dec 22 09:39:34 PST 2004



-----Original Message-----
From: owner-freebsd-questions at freebsd.org
[mailto:owner-freebsd-questions at freebsd.org] On Behalf Of Dott. Surricani
Sent: Wednesday, December 22, 2004 10:42 AM
To: questions at FreeBSD.org
Subject: problem with IPFILTER

Hello everybody.

I've successfully set up an Inclusive Firewall for my small LAN, as
explained in Chapter 24 of the Handbook,
with IPFILTER and ipnat (Either with kld modules).
I've included in rc.conf the lines needed and I've written custom
ipf.rules and ipnat.rules...

It's super, and works great, but I've got a problem/question:

each time I restart the server the rules are cleared and it lets all
packets enter and exit,
and I have to type in the shell

ipf -Fa -f /etc/ipf.rules and
ipnat -CF -f /etc/ipnat.rules

It's very boring....

What can I do to automate this task?


Thanks all very much!!!!
_______________________________________________
freebsd-questions at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"



Hello 

/etc/rc.conf :

#Enable routing packets between interfaces
gateway_enable="YES"
#Bring up the ipfilter software
ipfilter_enable="YES"
#Tell ipfilter where to get its rules
ipfilter_rules="/etc/ipf.rules"
#Enable ipnat
ipnat_enable="YES"
#Tell ipnat where to get its rules
ipnat_rules="/etc/ipnat.rules"


Best regards,

Andras Kende
http://www.kende.com
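
Added example, not part of the original thread: a small sh audit that checks an rc.conf for the five settings shown in the reply above and confirms that each rules file exists and is non-empty, so a reboot does not leave the gateway forwarding with no filter rules loaded. The function names (rc_value, is_yes, audit_rc_conf) are hypothetical, and the script only reads the file it is given, so defaults set elsewhere are not considered.

```sh
#!/bin/sh
# Added example: audit an rc.conf for the IPFILTER/ipnat boot settings.

# Print the effective value of knob $2 in rc.conf file $1.
# rc.conf is sourced as shell, so the last assignment wins;
# commented-out lines do not match.
rc_value() {
    sed -n "s/^[[:space:]]*$2=[\"']\{0,1\}\([^\"'#[:space:]]*\).*/\1/p" "$1" |
        tail -n 1
}

# Mirror of the truth test rc.subr's checkyesno applies: YES/TRUE/ON/1.
is_yes() {
    case "$1" in
        [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) return 0 ;;
        *) return 1 ;;
    esac
}

# Audit file $1: print one line per problem, return the problem count.
audit_rc_conf() {
    conf=$1 problems=0
    for knob in gateway_enable ipfilter_enable ipnat_enable; do
        if ! is_yes "$(rc_value "$conf" "$knob")"; then
            echo "FAIL: $knob is not enabled in $conf"
            problems=$((problems + 1))
        fi
    done
    for knob in ipfilter_rules ipnat_rules; do
        file=$(rc_value "$conf" "$knob")
        if [ -z "$file" ]; then
            echo "FAIL: $knob is not set in $conf"
            problems=$((problems + 1))
        elif [ ! -s "$file" ]; then
            echo "FAIL: $knob points at $file, which is missing or empty"
            problems=$((problems + 1))
        fi
    done
    return "$problems"
}

# Run as: sh audit.sh /etc/rc.conf   (the exit status is the problem count)
if [ "$#" -gt 0 ]; then
    audit_rc_conf "$1"
fi
```

After the next reboot, `ipfstat -io` and `ipnat -l` show whether the filter and NAT rules were actually loaded.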




