Tuesday, January 20, 2004

fwbuilder

More in the firewall vein: fwbuilder is a tool to help you build your firewall rules, by far the most complicated part of using a firewall. It supports ipfw out of the box, and also purports to support ipfilter. Gotta get started on this trip myself.



Description for ports/security/fwbuilder



A note by Phil Payne on using fwbuilder:


One quirk, when using fwbuilder with IPFW, the divert to natd isn't
supported so I'm installing the rules with a little script that inserts the
natd rule appropriately.



---
#!/bin/sh
.fw # Installs the rules generated by fwbuilder
ipfw delete 1 # delete the check-state rule at 00001
ipfw add 1 divert natd ip from any to any via # add new divert rule at 1
ipfw add 2 check-state # re-add the check-state 2
---
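
A check to run after a wrapper script like the one above, as an added example that is not part of the original post or of fwbuilder: it reads plain `ipfw list` output and confirms that a divert rule exists and is numbered below the first check-state rule. The function names and the sample rule listings (including the interface name fxp0) are constructed for illustration.

```sh
#!/bin/sh
# Verify rule order in plain `ipfw list` output read from stdin.
# Assumes the default listing format: "<number> <action> ..." with no counters.
# Exit status: 0 = divert precedes check-state
#              1 = check-state comes first (wrong order)
#              2 = divert or check-state rule is missing
check_natd_order() {
    awk '
        $2 == "divert"      && !seen_d { seen_d = 1; divert = $1 + 0 }
        $2 == "check-state" && !seen_s { seen_s = 1; state  = $1 + 0 }
        END {
            if (!seen_d || !seen_s) exit 2
            exit ((divert < state) ? 0 : 1)
        }
    '
}

# Constructed sample: the rule set after the wrapper script has run.
sample_after_wrapper() {
    cat <<'EOF'
00001 divert 8668 ip from any to any via fxp0
00002 check-state
00100 allow ip from any to any via lo0
65535 deny ip from any to any
EOF
}

# Constructed sample: generated rules only, divert rule never inserted.
sample_no_divert() {
    cat <<'EOF'
00001 check-state
00100 allow ip from any to any via lo0
65535 deny ip from any to any
EOF
}

# Constructed sample: both rules present but in the wrong order.
sample_swapped() {
    cat <<'EOF'
00001 check-state
00002 divert 8668 ip from any to any via fxp0
65535 deny ip from any to any
EOF
}

# On a live system: ipfw list | check_natd_order || echo "natd rule order is wrong"
```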
