ipfw

[tampabay420]

Hey AO!

I’m trying to set up a secure firewall for my FreeBSD box… I’m using ipfw and was wondering what rules you guys/gals fancy on your boxes.

Any tutorial links would be helpful ;-)

Here are some links that I’ve found so far: http://www.google.com/search?hl=en&i...=Google+Search

[sweet_angel]

hi... I know you ask for ipfw...but I just wanna give you cool option, try NETBOZ if you like to give it try. It's cool firewall .

Main Features
Web administration interface
Does not use a hard disk
Works with 2 or 3 network interfaces
NAT for publishing LAN or DMZ services
DNS server
DHCP server
DHCP client on WAN interface
PPPoE support (new!)
Real time traffic monitoring
Unlimited users
It's free !

I've got the link http://www.netboz.net/

I hope this helps

[tampabay420]

Hey All,

-Just wondering about ipfw and other packet filtering...

-Is it possible to add Time as a variable in the exclusion of packets...
-Example: I’d like to cut-off non-critical services during non-working hours, but still give access to my daemons, etc...

-Is this possible? Thanks!

[thehorse13]

IPFW is that ganular. The only way I can see around it is to write a cron job that will start and stop services.

Hope this helps!

[IKnowNot]

Not the most elegant way of doing it, but when I was using IPFWadm I used a few different firewall scripts, and included the ‘at' command within the scripts to bring up the next script when it was time. It worked OK but was a bear to get the scripts in sync. ( like "at 1:00 AM SAT -f /etc/masq1 " )
thehorse13 is right, Cron would be probably be a better way of doing it.

[tampabay420]

Thanks alot y'all!
Your answers are most informative...
If success { i'll post results; }