Firewalls, filtering, ipfw, and FTP clients
2009-05-13 13:16:56 Source: unknown
One of the problems I had with my filtering was the inability to get FTP running. But I wasn't stopping any FTP protocols with my rules. So I couldn't figure it out.
You should also read the firewall section of the handbook.
How do you enable the firewall?
ipfw allows you to control the IP traffic coming in and out of your machine. Basically, it's a tool which can be used to set up a firewall between your subnet and the rest of the world. You can block certain things, allow others, or allow protocols only from known addresses. For more information on firewalls, check out the firewall section in the FreeBSD Handbook.
I implemented the simple firewall by setting the following lines in /etc/rc.conf:
firewall_enable="YES"
firewall_type="simple"
Please note that the above are case sensitive.
The firewall rules
Then you must tell the firewall what the topology looks like. I did this by putting the following into /etc/rc.firewall in the simple section. Please note that these numbers are imaginary and will not work for you. Please change 1.2.3.444 to your own IP as assigned by your ISP and change 192.168.0.444 to the IP address you have assigned to your gateway machine.
# set these to your outside interface network and netmask and ip
oif="ed0"
onet="1.2.3.444/24"
omask="255.255.255.0"
oip="1.2.3.444"
# set these to your inside interface network and netmask and ip
iif="ed1"
inet="192.168.0.444/24"
imask="255.255.255.0"
iip="192.168.0.444"
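Once you have substituted your own addresses, it is worth checking that each network, netmask and IP agree with one another, because a typo here produces rules that do not match your real networks. The script below is an added example, not part of rc.firewall or the original article; the function names (ip_to_int, mask_to_prefix, check_side) and the 192.168.0.1 sample address are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: sanity-check rc.firewall topology values before loading rules.

# ip_to_int A.B.C.D: print the address as an integer; return 1 if malformed.
ip_to_int() {
    case "$1" in *[!0-9.]*|*..*|.*|*.|"") return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in 0?*|????*) return 1 ;; esac   # no leading zeros, max 3 digits
        [ "$o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# mask_to_prefix MASK: print the prefix length; return 1 if bits are not contiguous.
mask_to_prefix() {
    m=$(ip_to_int "$1") || return 1
    n=0
    while [ $(( m & 0x80000000 )) -ne 0 ]; do
        m=$(( (m << 1) & 0xFFFFFFFF ))
        n=$(( n + 1 ))
    done
    [ "$m" -eq 0 ] || return 1
    echo "$n"
}

# check_side NAME NET/BITS MASK IP: print the first problem and return 1, else 0.
check_side() {
    name=$1; net=${2%/*}; bits=${2#*/}; mask=$3; ip=$4
    ipn=$(ip_to_int "$ip")      || { echo "$name: bad ip $ip"; return 1; }
    netn=$(ip_to_int "$net")    || { echo "$name: bad network $net"; return 1; }
    p=$(mask_to_prefix "$mask") || { echo "$name: bad netmask $mask"; return 1; }
    [ "$p" = "$bits" ] || { echo "$name: /$bits does not match $mask"; return 1; }
    maskn=$(ip_to_int "$mask")
    [ $(( ipn & maskn )) -eq $(( netn & maskn )) ] ||
        { echo "$name: $ip is outside $net/$bits"; return 1; }
    return 0
}

# The article's placeholders are rejected (444 is not a valid octet) ...
check_side outside "1.2.3.444/24" "255.255.255.0" "1.2.3.444" || true
# ... while constructed sample values pass.
check_side inside "192.168.0.1/24" "255.255.255.0" "192.168.0.1" && echo "inside: ok"
```

Call check_side once for the outside values (onet, omask, oip) and once for the inside values (inet, imask, iip) before enabling the firewall.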
I also found that I had to disable some of the default rules. But I'll detail those rules at a later date.
If you're using natd, you might want to add the following to the end of /etc/rc.firewall. But please note that with 2.2.8, these statements were included with rc.firewall and will not be necessary.
$fwcmd add divert natd all from any to any via ${oif}
$fwcmd add pass all from any to any
After getting the above going, I found that FTP did not work. Strange. There's nothing in the rules that prevents FTP. I gave up and used the open firewall instead. From time to time, I played with the rules, trying to figure out why it wasn't working.
11 July 1998 - The FTP Solution
I figured it out. I decided to try the default ftp client that comes with NT. It worked. I got it. No problems. Then I tried CuteFTP, a Windows-based client. It didn't work. Then I thought about the firewall settings. I used the menu to go to FTP->Settings->Options. Once there, I went to the Firewall tab and set the following information: