Blitzed.org

Firewall setup

Nubian has its own firewall that denies most incoming traffic by default. This page explains the setup.

It's probably obvious to most FreeBSD people, but it isn't to a Linux-guy like me, and that's why I document it here. -- mark

Setup

Nubian uses a custom ipfw firewall that is run by /etc/rc.firewall on boot and configured in /etc/rc.conf. The rules are listed in /etc/ipfw.conf, which is the file to edit when modifying the firewall rules.

The kernel is compiled with a default accept rule, so when the rules get flushed, the kernel will accept all traffic.

Activating changes

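After changing the rules in ipfw.conf, the new rules still need to be loaded into the kernel. Because the default rule is to accept, the following command should be a safe way to do that:

ipfw -q flush && ipfw -q /etc/ipfw.conf ; \
   echo "Press CTRL-C within 10s, otherwise the firewall will be reverted back (to prevent broken firewall rules)" && \
   sleep 10 && ipfw -q flush

If CTRL-C is not pressed, the final flush leaves only the default accept rule, so the host stays reachable but unfiltered until a corrected ipfw.conf is loaded.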
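A more defensive variant of the command above, as an added example that is not part of the original page: it goes beyond the one-liner by syntax-checking the file with ipfw -n before anything is flushed, and by reverting to a saved copy of the last confirmed ruleset rather than to an empty one. The variable and function names and the path /etc/ipfw.conf.good are assumptions made for this example.

```sh
#!/bin/sh
# Added example (not from the original page). IPFW, RULES, GOOD, WAIT and the
# path /etc/ipfw.conf.good are assumptions made for this sketch.
IPFW=${IPFW:-ipfw}
RULES=${RULES:-/etc/ipfw.conf}
GOOD=${GOOD:-/etc/ipfw.conf.good}   # last ruleset an operator confirmed
WAIT=${WAIT:-10}

# Flush the running rules, then load the ruleset file given as $1.
load_rules() { $IPFW -q flush && $IPFW -q "$1"; }

# Succeeds only if the operator answers "yes" within $WAIT seconds. A session
# that the new rules cut off cannot answer, so it times out and fails.
confirm() {
    printf 'Type "yes" within %ss to keep the new rules: ' "$WAIT"
    read -t "$WAIT" answer && [ "$answer" = yes ]
}

# Go back to the confirmed ruleset; with none saved, fall back to the page's
# behaviour: flush, leaving only the kernel's default accept rule.
revert() {
    if [ -f "$GOOD" ]; then load_rules "$GOOD"; else $IPFW -q flush; fi
}

apply_rules() {
    # -n parses the file without passing anything to the kernel, so a typo
    # is caught before the running rules are flushed.
    if ! $IPFW -n -q "$RULES"; then
        echo "syntax error in $RULES; running rules left untouched" >&2
        return 1
    fi
    if load_rules "$RULES" && confirm; then
        cp "$RULES" "$GOOD"          # remember this ruleset as known-good
        return 0
    fi
    echo "not confirmed; reverting" >&2
    revert
    return 2
}

# Run as: sh apply-ipfw.sh apply
if [ "${1:-}" = apply ]; then apply_rules; fi
```

The read -t timeout is supported by FreeBSD's /bin/sh and by bash, but it is not part of POSIX sh.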
