IPFilter newb question

Hey guys, I'm trying to build a firewall, and I have compiled my kernel with the IPFILTER, IPFILTER_LOG and IPFILTER_DEFAULT_BLOCK options. The book that I was using was telling me to edit the /etc/ipf.conf. Do I actually create this file or do I edit the /etc/rc.firewall file to put all my rules?

Hi, generally look here: IPFW firewall. Personally I never edited the /etc/rc.firewall file, because the rules included in this file should be reviewed to fit your needs if the firewall type is set to client or simple. Personally I wrote my rules in the /etc/ipfw.conf file, which could be placed anywhere and could be named anything you want. I also added to the /etc/rc.conf file the options that were responsible for the firewall type, e.g.
Code:
firewall_type="client"  # firewall will try to protect only your machine
When it comes to compiling the kernel with options for the firewall, I did this only when I needed advanced features such as, for example, NAT. Otherwise I used
Code:
firewall_enable="YES"
as an option in the rc.conf file. In addition, you should read the man page for ipfw(8). I hope that I've helped you to resolve your doubts.