Allow only myself to access SSH

[Ricky]

Hi everyone.

I am having some problems with the configuration of my ipfw.rules. I only want to allow me, to access the SSH. I had this:

$IPF 130 allow tcp from 192.168.1.69 to 192.168.1.69 54374 in
$IPF 140 allow tcp from 192.168.1.69 to 192.168.1.69 54374 out

But it blockx me. So I changed my IP to any and it worked but I only want me to have access to the SSH. Sorry, I know my English isn't the best as well my skills in FreeBSD, but I would like to ask if someone can help me.

Thank you.

 

[Anonymous]

Hi everyone.
I am having some problems with the configuration of my ipfw.rules

I only want to allow me, to access the SSH.

I had this:

$IPF 130 allow tcp from 192.168.1.69 to 192.168.1.69 54374 in
$IPF 140 allow tcp from 192.168.1.69 to 192.168.1.69 54374 out

But it block me. So I replaced my IP to any and it worked but I only want me to have access to the SSH.

The fw rules don't make so much sense. To begin with, sshd() is listening on port 22, or did you change the listening port to 54374? Source and destination address being the same is also unusual, to say the very least.

So please explain a little bit more what "only want me to have access" means:

1. what is the IP address of the machine named "me"
- this would be the source address (sss.sss.sss.sss) in the fw rule

2. what is the IP address of the machine running sshd
- this would be the destination (ddd.ddd.ddd.ddd) address in the fw rule

3. if you did not change the listening port of sshd then the port number would be 22

So, your firewall rules could look like this:

$IPF 130 allow tcp from sss.sss.sss.sss to ddd.ddd.ddd.ddd 22
$IPF 140 deny tcp from any to any 22

 

[Ricky]

Oh My God you are amazing!
It worked perfectly!

Yes I did change the default port to 54374 so I can have more security(I guess).

Now I just need to configure the PF and IPF. Which I have no idea how to do it.

I don't want to push it but as it seems you understand this things so well, maybe you could give me a hand?

 

[Anonymous]

Now I just need to configure the PF and IPF.

pf(4)() and ipf(8)() aka. IPFILTER are alternative firewalls to ipfw(8)(). You want to install only one firewall, that means either PF or IPF or IPFW - see FreeBSD Handbook - Chapter 31 Firewalls

If you don't like IPFW for any reason then you might want to switch to one of the others, of course. I can only be of help for IPFW, though.

 

[Ricky]

Thank you for all! Finally I am now ready for hackers

Just one more question. Which is firewall_type and firewall_script in rc.conf? Because I have been seeing many tutorials where firewall_type is set to the ipfw.rules file.

And which is the best firewall_type?