After much tribulation, I was able to get my FreeBSD machine operating as a gateway router between my LAN and ISP router. I used pf because I found a decent howto online - Building an OpenBSD/pf Firewall. The pain came when I tried typing the rules in - what a friggin' nightmare (insert lots of...
I have been trying to build a firewall for an Unbound DNS resolver for a month without success. I have solved almost all the configs except the IPFW rules, using FreeBSD 12.1-RELEASE-p5.
Below is my rule list.
NOTE: a.a.a.a, b.b.b.b, c.c.c.c and d.d.d.d are my IPv4 public IP pools...
I am configuring a DNS caching server. It is able to get all traffic without the firewall, but with the firewall only the IPv4 traffic is resolving. I am having some syntax issue with the config regarding IPv6 (using FreeBSD 12.1).
ipfw -q -f flush
cmd="ipfw -q add"
pif="em0" # interface name of NIC
We are having trouble with finding ways to redirect the public IP address to the jail IP address. We have looked into the rc.conf and jail.conf files but are now sure how we should edit any of these files to achieve this.
We have previously been unsuccessful in editing pf values...
I run a FreeBSD VPS that hosts a webserver with WHMCS inside. (Apache + Nginx)
I would like to do another kind of ad by running a prank on social media where people will get a message like "X has been hacked. Click here to download database" or something similar.
What I need?
I need to release an application that accesses Amazon.
With each ping of the URL of the application hosted on Amazon, the IP changes from time to time.
The local application does not support proxy.
I use FreeBSD / ipfw.
Example ping return:
app.example.net -> a.a.a.b
Hello all friends,
I have set up ipfw on FreeBSD 10.0-RELEASE with these rules:
00001 allow ip from any to any via lo0
00005 allow ip from any to any via lagg0
00006 deny ip from table(1) to any in
00009 netgraph 100 tcp from any to any tcpflags syn via lagg1
00010 allow tcp from...
I have a use case for authpf. However, I'd prefer to stick with IPFW as it seems to be more maintained and more recent than the included PF version. However, I've been unable to locate an alternate option that'll work with IPFW.
Maybe I'm missing something, or maybe there's another way...
I am updating some firewall rules to work with fail2ban, and when I set to create the table on boot process I got this message:
DEPRECATED: inserting data into non-existent table 1. (auto-created)
My /etc/ipfw.rules of this part:
ipfw -q add 01500 check-state
# fail2ban IPs
First off I'd like to say a big hello, I'm new to the forums, and FreeBSD in general, and need to say a big thanks for the O/S as well as much of the help (first time posting, silently been reading).
I am having an issue with setting up IPFW on a server that is being used as a reverse...
Digital Ocean droplet:
# uname -a
FreeBSD theranch 10.3-RELEASE-p11 FreeBSD 10.3-RELEASE-p11 #0: Mon Oct 24 18:49:24 UTC 2016 email@example.com:/usr/obj/usr/src/sys/GENERIC amd64
I have two ipfw tables. Both are created with scripts in the same manner. Here are a few lines...
I have got a problem with tables. I want to add IP ranges in CIDR format to table(1), but when I reload the rules I get an error: ipfw: Unable to parse value 188.8.131.52/18 persist. What can cause it? Below are the config files.
cmd="ipfw -q add"
ipfw -q -f flush...
Here is a very short ipfw ruleset I have on a firewall device:
5 allow tcp from any to any established
10 allow icmp from any to any icmptypes 0,3,8,11
20 allow udp from any to any dst-port 33433-33499 in via xl1
30 allow tcp from any to any dst-port 40 in via xl1
65535 deny ip from any to any...