1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Web server and it's IPFW configs.

Discussion in 'Firewalls' started by abarmot, Nov 17, 2008.

  1. abarmot

    abarmot New Member

    Messages:
    22
    Likes Received:
    0
    Dear friends,
    currently I am trying to learn a building web server (Apache, PHP, MySQL, etc.) with FreeBSD 7 and now my "topic" is IPFW.
    Would you be so kind to post here your examples of IPFW configuration files suitable for web servers? :stud
    Thanks for any help!
     
  2. anomie

    anomie New Member

    Messages:
    783
    Likes Received:
    0
    Have you read the handbook chapter on IPFW?

    IPFW rulesets I've used have been adaptations of the example in 31.6.5.6.
     
  3. komeylian

    komeylian New Member

    Messages:
    15
    Likes Received:
    0
    hi, abarmot

    if your web server should seen from internet you just need to do below:

     
  4. sT4k3

    sT4k3 New Member

    Messages:
    21
    Likes Received:
    0
    and if you use https than - ipfw add 2 allow ip from any to me 443
     
  5. blackjack

    blackjack New Member

    Messages:
    22
    Likes Received:
    0
    ipfw add 3 allow ip from <some ip> to me 22
    ipfw add 4 deny ip from any to me
     
  6. paulfrottawa

    paulfrottawa New Member

    Messages:
    242
    Likes Received:
    0
    I take it the "me" is the destination IP address of the server.
     
  7. sT4k3

    sT4k3 New Member

    Messages:
    21
    Likes Received:
    0
    if server have one ip address, then you can use "me"...
     
  8. paulfrottawa

    paulfrottawa New Member

    Messages:
    242
    Likes Received:
    0
    The above example
    What if "me" was on another computer or ip (like a jail). Me is for the router I'm guessing.

    Right now I'm reading the hand book about the fire wall, and continually locking myself out setting up a firewall.

    Thankfully I have a monitor and key board down there.

    ___________________________________--

    Doing that I haven't had a chance to play with redirect but your short answer will get me going for the night thanks