[ale] Advice Request -> IPFW ruleset

Courtney Thomas ccthomas at flash.net
Mon Aug 28 11:26:23 EDT 2000


Greetings !

Being a novice IPFW installer, I'd appreciate comments, with as much
specificity as possible, regarding setting up a new firewall for a lan.

The default will be:

1-	allow all from any to any

the idea being to look everything over.

Next, I'm guessing that everything that originated from the firewall box
is OK, but don't know....

 "how to prevent spoofing". 

Anyway, I'm thinking next, maybe ....

2-	allow all from any to any out xmit <fw_iface>

and then....

3-	allow all from any to any in recv <fw_iface> xmit <fw_iface>


In more particular, how can I make sure to let everything in I need but
keep all else out. I know I need to comment out all in inetd.conf that
will not normally be used, but am not sure what's essential.

Any comment on critical permission settings would also be appreciated.

Thanks once again for generous assistance,

Courtney
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.





More information about the Ale mailing list