Here's the situation:
I work at a computer repair shop. As we all know, viruses, ad-ware and other mal-ware are a huge problem in the Windows world, and a lot of people come to us to have their PCs cleaned up.

Some of those programs spread themselves actively, or are used as "zombie computers", which is somewhat of a problem for us because they can infect other PCs on the net; also, our ISP (temporarily) shut us down some time ago for security reasons.

We have a firewall on our router, but it only blocks incoming traffic from the net, which makes life a bit easier because we don't have to open up ports for all kinds of programs all the time.

Since we more or less need internet on infected PCs (to download virus scanners, updates, etc.), I'm trying to set up a bridge with a firewall (IPFW), which should filter out any bad traffic before it goes to the internet.

Problem is, it doesn't work (which is secure, but not quite what I intended).

The bridge works fine, if I shut down IPFW (or tell IPFW to allow everything) I have network access, so no problems there...

If I scan for DHCP servers, it finds the server and DNS, but doesn't get an IP address (?!) for some reason, no matter what I do...

My rc.firewall is attached. I made it as simple as possible; complexity and spiffy features can always be added later, let's get the thing working first... I would really appreciate it if someone looked it over, there are probably errors in there.

What the REAL problem is, is that I'm a real novice at firewalls, and some things really confuse me, more specifically:

- The 'bridged' keyword: does it HAVE to be added to every rule? Or is it just recommended? Or only for specific rules?

- Which ports do I need to open? I think I have all I need now (DHCP, DNS, http, https, ping), maybe there's some hidden port I forgot?

- Should I use PF? (Is it easier for a novice?)

- Should I just set up a separate LAN? Bridging seems simpler, but doesn't seem to be very common/well documented...

I don't think it matters, but just in case:
I'm using two 3Com 3C905B-TX NICs (xl)

My uname -a is:
FreeBSD filtershit.ictwerkplaats.org 6.1-PRERELEASE FreeBSD 6.1-PRERELEASE #0: Wed Feb 22 12:47:58 UTC 2006 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/FILTERSHIT i387

Attachment: rc.firewall
Description: Binary data

_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
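The following is an added example, not the poster's attached rc.firewall: a minimal egress-filtering ruleset for an IPFW bridge that answers the three practical points in the post (where the layer-2 keyword is needed, which ports DHCP/DNS/HTTP/HTTPS/ping require, and why a DHCP client with no address yet falls through subnet-based rules). Interface names xl0/xl1, the sysctl names mentioned in the comments and the port list are assumptions.

```shell
#!/bin/sh
# Added example: a minimal egress-filtering rc.firewall for an IPFW bridge.
# Interface names and sysctl names are assumptions, not the poster's file.
# "sh rc.firewall preview" prints the rules, "sh rc.firewall load" installs
# them. Assumes net.link.ether.ipfw=1 and the bridge's ipfw sysctl are set
# so that bridged frames are handed to ipfw at layer 2 (check sysctl -a).
fwcmd="${fwcmd:-ipfw}"
lan_if="xl0"   # assumed: NIC facing the infected PCs
wan_if="xl1"   # assumed: NIC facing the router / ISP

build_rules() {
    ${fwcmd} -f flush
    # ARP must cross the bridge or nothing else works; other non-IP frames
    # fall through to the final deny. "layer2" is the current spelling of
    # the "bridged" keyword and is only needed on rules that must match
    # Ethernet frames rather than IP packets; IP rules do not need it.
    ${fwcmd} add 100 allow layer2 mac-type 0x0806
    # "recv" matches the receiving interface on both the input and the
    # output pass through ipfw, so a bridged frame is not dropped on its
    # second visit the way "in via" / "out via" pairs can be.
    # DHCP: a client without an address sends 0.0.0.0 -> 255.255.255.255
    # from port 68 to 67, so rules keyed on the LAN subnet never match it.
    ${fwcmd} add 200 allow udp from any 68 to any 67 recv ${lan_if}
    ${fwcmd} add 210 allow udp from any 67 to any 68 recv ${wan_if}
    # DNS queries out, answers back
    ${fwcmd} add 300 allow udp from any to any 53 recv ${lan_if}
    ${fwcmd} add 310 allow udp from any 53 to any recv ${wan_if}
    # HTTP/HTTPS for scanners and updates: only the LAN side may open
    # connections; replies ride on "established".
    ${fwcmd} add 400 allow tcp from any to any 80,443 recv ${lan_if} setup
    ${fwcmd} add 410 allow tcp from any 80,443 to any recv ${wan_if} established
    # ping in both directions
    ${fwcmd} add 500 allow icmp from any to any icmptypes 0,8
    # Everything else an infected PC emits (worm scans, bot traffic, spam)
    # is logged and dropped; set net.inet.ip.fw.verbose=1 to see the log.
    ${fwcmd} add 65000 deny log ip from any to any
}

case "${1:-}" in
    preview) fwcmd="echo ipfw"; build_rules ;;
    load)    build_rules ;;
esac
```

Run with `preview` first and compare the printed rules against the attached rc.firewall; the DHCP pair (rules 200/210) is the usual reason a client sees the server but never gets a lease.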