FreeBSD firewall question + a really dumb question(yes I'm new to FreeBSD)

FreeBSD firewall question + a really dumb question(yes I'm new to FreeBSD)

Post by KRhod » Fri, 11 Jan 2002 07:06:47



I need to get a firewall up in our office with no NAT.  I looked at a book
called FreeBSD Unleashed.  The book seemed to explain things pretty well.
Anyone else have an opinion on this book?

Okay, I tried version 4.3, but I could not add the iptables module.  Version
4.4 seems to use IPFW and the rules use a more english like syntax than
characters $.  Am I right so far??

A lot of the optins are turned on in files.  FIREWALL = yes in rc.conf.
Here is the dumb question:

In DOS i could use edit to edit a file, what do I use in FreeBSD??

Thanks

 
 
 

FreeBSD firewall question + a really dumb question(yes I'm new to FreeBSD)

Post by Berk S. Daemo » Fri, 11 Jan 2002 08:18:05



Quote:> I need to get a firewall up in our office with no NAT.  I looked at a book
> called FreeBSD Unleashed.  The book seemed to explain things pretty well.
> Anyone else have an opinion on this book?

> Okay, I tried version 4.3, but I could not add the iptables module.
Version
> 4.4 seems to use IPFW and the rules use a more english like syntax than
> characters $.  Am I right so far??

> A lot of the optins are turned on in files.  FIREWALL = yes in rc.conf.
> Here is the dumb question:

> In DOS i could use edit to edit a file, what do I use in FreeBSD??

> Thanks

I'm not sure what you mean by 'iptables'. Sounds like a Linux thing to me. I
personally don't use IPFW anymore, I much prefer IPF (IPFilter).

www.ipfilter.net

it's in kernel, and it's a lot nicer!

 
 
 

FreeBSD firewall question + a really dumb question(yes I'm new to FreeBSD)

Post by Paul » Fri, 11 Jan 2002 09:50:28




Quote:> I need to get a firewall up in our office with no NAT.  I looked at a
> book called FreeBSD Unleashed.  The book seemed to explain things
> pretty well. Anyone else have an opinion on this book?

It's pretty good. So is 'The Complete FreeBSD' by Lehey.

Quote:> Okay, I tried version 4.3, but I could not add the iptables module.
> Version 4.4 seems to use IPFW and the rules use a more english like
> syntax than characters $.  Am I right so far??

iptables module is Linux. You are working with FreeBSD. Either use IPFW
or IPFILTER. You may need to config and recompile the kernel with the
right settings. Check the site in my sig. HELPDESK section, NETWORKING
paragraph, 'Private Network NATD gateway' option for more info on how to
config the kernel for IPFW and set it up.

Quote:> In DOS i could use edit to edit a file, what do I use in FreeBSD??

Any text editor you have installed. VI is standard, but it takes a lot of
getting used to. Joe is pretty easy (Wordstar like commands) and is in
both FreeBSD's Packages and Ports. So very easy to install. If you have
Xwindows installed, any graphical text editor will do fine. Like nedit,
kedit etc.

Hope this helps.
--
  __
 /_/             Creator/Maintainer
/aul       "A Daemon's Guide To FreeBSD"
           http://daemonsguide.iwarp.com/

 
 
 

FreeBSD firewall question + a really dumb question(yes I'm new to FreeBSD)

Post by Berk S. Daemo » Sat, 12 Jan 2002 19:42:51





> > I need to get a firewall up in our office with no NAT.  I looked at a
> > book called FreeBSD Unleashed.  The book seemed to explain things
> > pretty well. Anyone else have an opinion on this book?

> It's pretty good. So is 'The Complete FreeBSD' by Lehey.

> > Okay, I tried version 4.3, but I could not add the iptables module.
> > Version 4.4 seems to use IPFW and the rules use a more english like
> > syntax than characters $.  Am I right so far??

> iptables module is Linux. You are working with FreeBSD. Either use IPFW
> or IPFILTER. You may need to config and recompile the kernel with the
> right settings. Check the site in my sig. HELPDESK section, NETWORKING
> paragraph, 'Private Network NATD gateway' option for more info on how to
> config the kernel for IPFW and set it up.

> > In DOS i could use edit to edit a file, what do I use in FreeBSD??

> Any text editor you have installed. VI is standard, but it takes a lot of
> getting used to. Joe is pretty easy (Wordstar like commands) and is in
> both FreeBSD's Packages and Ports. So very easy to install. If you have
> Xwindows installed, any graphical text editor will do fine. Like nedit,
> kedit etc.

> Hope this helps.
> --
>   __
>  /_/             Creator/Maintainer
> /aul       "A Daemon's Guide To FreeBSD"
>            http://daemonsguide.iwarp.com/

don't forget 'ee' in FreeBSD too.. comes default.. ;-)
 
 
 

FreeBSD firewall question + a really dumb question(yes I'm new to FreeBSD)

Post by KRhod » Sun, 13 Jan 2002 06:31:21


Thanks, and sorry about mixing the Linux stuff in.  Getting hard to keep it
all straight.
 
 
 

FreeBSD firewall question + a really dumb question(yes I'm new to FreeBSD)

Post by Paul » Sun, 13 Jan 2002 08:49:18




Quote:> Thanks, and sorry about mixing the Linux stuff in.  Getting hard to
> keep it all straight.

No problem. Hope I was of help...

--
  __
 /_/             Creator/Maintainer
/aul       "A Daemon's Guide To FreeBSD"
           http://daemonsguide.iwarp.com/

 
 
 

1. I can't send to freebsd-questions@freebsd.org


the message was returned

   ----- The following addresses had transient non-fatal
errors -----

   ----- Transcript of session follows -----
... while talking to mx1.freebsd.org.:
<<< 450 Client host rejected: cannot find your hostname,
[209.145.174.254]

rejected: cannot find your hostname, [209.145.174.254]
Warning: message still undelivered after 4 hours
Will keep trying until message is 5 days old

The IPAddr they are referencing is vaguely familiar.  I remember
something like that about two or three DSL providers ago.  We
have gone from Jato to Rhythms to Covad to IPComm and each
switch entailed another change of IPAddr for our Internet link.

Do I have to notify FreeBSD of this change before I can send an
email to freebsd-questions?

They are probably doing some sort of SPAM filtering so what do I
need to have them accept my email?

Thanks

2. applet and squid

3. A really really dumb question...

4. error when adding another network card

5. OpenSSH 3.0 really brief (and maybe really dumb) question...

6. how to change the password rule

7. FreeVSD (yes that's a 'V') control panel under FreeBSD

8. How to find why machine stopped?

9. Not really a FreeBSD question, but...

10. CVS - Not really FreeBSD, but I expect a few FreeBSD users are familiar with CVS !

11. A question on Upgrading FreeBSD 3.2 to FreeBSD 4.1.1

12. FreeBSD newbie question -- AT&T cable on FreeBSD

13. Dumb Question: Where's my New Handbook?