IPFW: 24.6.5.7 An Example NAT and Stateful Ruleset

Иванов Илья peanky at mail.ru
Fri May 6 03:02:17 PDT 2005


Hello! I read the article
(http://freebsd.vinf.ru/doc/en/books/handbook/firewalls-ipfw.html)
and use your example from the "An Example NAT and Stateful Ruleset" part.
When I use this script for ipfw, I am not able to use the internet,
but if I disable rules 400 and 450, I can use the internet.

I use FreeBSD 4.10, nat, ipfw, squid.

# Reject & Log all unauthorized incoming connections from the public Internet
$cmd 400 deny log all from any to any in via $pif

# Reject & Log all unauthorized out going connections to the public Internet
$cmd 450 deny log all from any to any out via $pif

My question is: can I use this script for ipfw without rules 400 and
450, or is that a potential threat to the security of my system?

Maybe you can give me a link to any article about this?

With best regards, Ivanov Ilya.



