Firewall settings

[darenb]

Hi everyone I am new to the FreeBSD firewall. I am looking to set up my firewall so that it automatically blocks all ports except for normal ports such as port 80 and allowing the server to function.

The main idea behind this is that the firewall will block port 22 for example to all users.

But then I need to write a script that will read a database and allow IP addresses from this database access to a specific port for a given time.

So for example I want to allow 81.81.42.42 access to port 22 for 1 hour.

What I am looking for someone to help me on is a basic firewall configuration to block all the ports and then an understanding on how I can then add to the configuration to allow certain IP's to certain ports.

I am happy to pay for this if the information enables me to get the firewall setup how I need/want it.

Please let me know if you think you might have the answers.

Thanks in advance

Daren

 

[DutchDaemon]

Basic rulesets are in pf.conf(5) and in the online PF FAQs, as is the use of <tables> to add IPs to / remove IPs from, using the command line or a script.

Note that this forum helps users and admins who more or less do their own work. It is not intended to be (or become) a market for paid work, and money offers are really a bit out of the ordinary. I'm sure there are plenty of IT firms in your area who would happily do a job like this.

If you decide to give it a go yourself, just show us your work and effort, and people will be happy to contribute.

 

[fbsd1]

I strongly suggest you read the firewall section of the FreeBSD handbook with special attention to ipfirewall. Use the ipf.rules shown in the handbook as is for a very secure system.