On Sat, Jul 01, 2006 at 11:46:42PM +0800, jan gestre wrote: > i recently installed and configured > (postfix+dovecot+amavisd-new+clamav+dspam+roundcubemail) in my freebsd > 6.1box, i placed the box in my dmz protected by m0n0wall, however i > have no > firewall on the mentioned box and i'm relying on m0n0wall to protect it. is > that ok? i'm new to freebsd and read about pf and i'm having some thoughts > of installing pf as firewall in my webmailserver but i'm afraid to mess > things up especially now that the box is already a production server, do i > really need to install a separate firewall? is it an overkill? if not then > anybody kind enough to lend a working pf configuration that allows http, > smtp and ssh, i've read the handbook but don't understand it much > particularly the firewall thing.
I think you're right not to try this out on your production box. Pf is nice, and I encourage you to use it, but *please* find a test machine! Pf works well and it's pretty easy to learn, but you almost certainly will make mistakes in the beginning. In addition to the fine Handbook, there's a nice pf faq at www.openbsd.org/faq/pf/ that explains a lot and has a few ruleset examples. If you learn your way on a test box it'll be a snap to put it in production... -- Darrin Chandler | Phoenix BSD Users Group [EMAIL PROTECTED] | http://bsd.phoenix.az.us/ http://www.stilyagin.com/ | _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
