Hi Lowell, Thanks for the info. You are right. I don't need the ip address for the external interface in order to configure the firewall. I couldn't understand the sample files that came with ipfw. I thought I had to follow the sample file the way it was given. Now I know I can change it to the way I want. Thanks once again. regds ed
On Tue, 3 Feb 2004 12:40 am, you wrote: > Emmanuel Dwamena <[EMAIL PROTECTED]> writes: > > I need help to set up firewall on my freebsd 5.1 box. I have built new > > kernel with ipfw enabled and is working fine. > > I need to know which of the 3 interfaces do I put the natd and ipfw. > > My freebsd 5.1 box has 2 nic cards. ed0 connects to LAN and ed1 connects > > to adsl modem. I use user ppp to setup the connection to the isp who > > assigns dynamic ip address to the tun0 interface. I have no ip address > > assigned to ed1. I have traffc coming in through the tun0 from outside > > to the LAN. Which of the interfaces do I use to block unwanted traffic > > from the internet.- ed1 or tun0? > > tun0 > > > How do I configure the tun0 interface for the firewall since I > > do not know the interface address before hand? > > You have two choices; either don't use the address in the firewall > setup at all (it isn't really useful...) or use the "me" keyword for > the address (see ipfw(8)). > > > Secondly which interface do I > > place natd? > > tun0 -- email: [EMAIL PROTECTED] _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
