Deny action doesn't work on my fbsd box

James apach3s at yahoo.com
Wed Jun 22 04:36:15 GMT 2005


Hi! I use FreeBSD version 4.11 and I'm new to ipfirewall (ipfw).
I started reading about ipfw this month and I'm getting somewhat
confused. I read the handbook on IPFW and I still don't understand
it, not as a whole, but I understand a little.

This is my network diagram:
----------
ISP > DSL Modem > DSL Router > (a)FBSD SERVER(b) > TWO-PC-CLIENTS
----------

My `FBSD SERVER` has two Ethernet interfaces: (a) vr0 (192.168.0.2 |
255.255.255.0) and (b) rl0 (172.16.20.1 | 255.255.255.0). My
`TWO-PC-CLIENTS` have the IP addresses 172.16.20.11 and
172.16.20.12. I have successfully set up and configured NATD to
share the Internet connection with the TWO-PC-CLIENTS, following
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-natd.html

Now I want to test how ipfw works and whether it works effectively
on my fbsd box to block the TWO-PC-CLIENTS from ssh, browsing,
etc. But I failed: it doesn't block ports 22 and 80, and the
TWO-PC-CLIENTS can still browse and SSH on my fbsd box. Here are
my rc.conf, natd.conf and rules.firewall files:

http://www.rootshell.be/~jam3s/file.txt

My question is, how can I block ports 22 and 80 so that it works
for the TWO-PC-CLIENTS and others I want to block/deny? I have been
reading rc.firewall and don't understand it very well :). I hope
someone can help me. If you have a nice tutorial for the basic ipfw
commands that is easy to understand, just tell me :).

Thanks in advance.

James





----------
JaMeS
apach3s[at]yahoo[dot]com
Call my name at your own risk!
