DHCP and the "SIMPLE" option in /etc/rc.firewall
James A. Coulter
james.coulter at cox.net
Fri Jul 30 07:35:35 PDT 2004
Thanks - I'm going to give the Stateful + NATD rule set a try.
> -----Original Message-----
> From: owner-freebsd-questions at freebsd.org
> [mailto:owner-freebsd-questions at freebsd.org] On Behalf Of JJB
> Sent: Friday, July 30, 2004 8:20 AM
> To: James A. Coulter; freebsd-questions at freebsd.org
> Subject: RE: DHCP and the "SIMPLE" option in /etc/rc.firewall
>
>
> The handbook Firewall section has been rewritten.
>
> It's temporally available from www.a1poweruser.com/FBSD_firewall/
> as the Doc group works to sanitize the English.
> It incorporates the long awaited solution to
> getting ipfw + natd + stateful rules to function together,
> as well as OpenBSD pf firewall which is scheduled to become
> the third built in firewall software solution delivered with
> the FreeBSD install when 5.x ever makes it to the stable branch.
>
>
>
> -----Original Message-----
> From: owner-freebsd-questions at freebsd.org
> [mailto:owner-freebsd-questions at freebsd.org]On Behalf Of
> James A. Coulter
> Sent: Friday, July 30, 2004 8:59 AM
> To: freebsd-questions at freebsd.org
> Subject: DHCP and the "SIMPLE" option in /etc/rc.firewall
>
> I am setting up a firewall for a gateway/router running FreeBSD 4.10.
>
> This is for a small home LAN.
>
> I have already compiled and installed a custom kernel with
> the IPFIREWALL and IPDIVERT options and configured the
> firewall to pass any to any without any problems - now it's
> time to start locking it down.
>
> I would like to use the firewall_type="SIMPLE" option
> rc.conf. But I'm not sure how I should set up my external
> nic in /etc/rc.firewall, i.e:
>
> # set these to your outside interface network and netmask and ip
> oif="ed0"
> onet="192.0.2.0"
> omask="255.255.255.240"
> oip="192.0.2.1"
>
> My outside interface is connected to a cable modem and is
> configured for DHCP
>
> Without a static IP address for my outside interface, how do
> I set these options?
>
> TIA for your help.
>
> Jim C.
>
> -----------------------------------
> Check it out: The Black Dog Gallery http://polaris.umuc.edu/~jcoulter
More information about the freebsd-questions
mailing list