IPFW Firewall Question

Mel fbsd.questions at rachie.is-a-geek.net
Fri Dec 5 03:03:02 PST 2008

On Friday 05 December 2008 01:26:04 G magicman wrote:

> Why because of the following:
> 1. Hosts.access  on freebsd works on the Application Layer instead of the
> Network Layer Therefore Hosts.allow/hosts.deny   no longer works the way i
> want and i do not feel like running Sendmail and sshd out of Inetd which
> appearantly is the only way to be able to use hosts.allow/deny

You're right about the application layer, but not about the rest. From 
             Access controls that should be enforced by tcp-wrappers are
             defined here.  Further details are described in hosts_access(5).

> 2. Next openssh doesnot have an AllowHosts directive like the Finnish one
> does it only has an AllowUsers directive so i need to protect the system
> from DDOS attacks

Again, see above.

> and Hacking I already tried to block things using the 
> Sendmail Access file but all that did was choak up the server with moronic
> shit.  And i want to be able to use my sftp program but it opens random
> ports which can not be controlled so i need the Clearaddresses to be able
> to see all ports.

For the firewall, pf user here, so others should help. ;)


Problem with today's modular software: they start with the modules
    and never get to the software part.

More information about the freebsd-questions mailing list