Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Subject: Re: Firewall help
From: Jim Durham (durhamw2xo.pgh.pa.us)
Date: Sat Jul 08 2000 - 16:27:52 CDT
- Next message: Craig Critchley: "Re: openssh and PAM"
- Previous message: Webbie: "Re: openssh and PAM"
- In reply to: Stuart Rogers: "Firewall help"
- Reply: Jim Durham: "Re: Firewall help"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Stuart Rogers wrote:
> Yes hello. I'm a newer BSD user and have freebsd 3.3 powerpak. I run a
> small intranet and have my systems hooked up to a cable modem. I want to
> make an old 486 box into a basic firewall. I'm not running any servers off
> the cable modem I just want to protect against people getting into my
> system. Does anyone know of the best way to go about this. All sugestions
> and comments would be apreciated.
I do something of the same sort here. I am on DSL, not cable, but
the input/output of my DSL modem is ethernet, as are cable modems.
You need an old '486 with two ethernet cards. I'll probably miss
but here is the gist of setting it up:
Let's say your two cards are "ed0" and "ed1" and that you want to use
the 10. network on your LAN. Lets say the cable company assigned you
the IP address YOUR_IP and the gateway YOUR_GATEWAY and the netmask
YOUR-NETMASK Let's say the cable modem plugs into ed0 and the LAN
hub is on ed1.
ifconfig_ed0="inet YOUR_IP netmask YOUR_NETMASK"
ifconfig_ed1="10.0.0.1 netmask 255.255.255.0"
network_interfaces="lo0 ed0 ed1"
In /etc/rc.firewall, section "simple":
onet="YOUR_IP with "O" as last octet"
Compile a new kernel. add options "IP_DIVERT" and "IP_FIREWALL"
Assign IPs of 10.0.0.2 and up to your LAN computers.
I probably missed something, but that's most of it.
To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message