List Info

Thread: Web server behind ipfw firewall
Web server behind ipfw firewall
country flaguser name
Pakistan		 2008-04-21 03:48:50 
Hi,

 

I need help for setting up web server behind IPFW firewall.
I have Freebsd
6.0 working as router on LAN with transparent squid. Now I
want to setup web
server to be running on private IP please help me in writing
IPFW rules to
serve the purpose. Current IPFW rules are as under,

 

 

$fwcmd add divert natd all from any to any via vr0

$fwcmd add fwd $external_ip,8080 tcp from not me to any 80

#$fwcmd add fwd $internal_ip log tcp from any to me dst-port
80 in via vr0

#$fwcmd add fwd $internal_ip tcp from any to me dst-port 80
out via re0

$fwcmd add allow log tcp from any to any in tcpflags
syn,fin

$fwcmd add check-state

$fwcmd add allow tcp from any to any out keep-state

$fwcmd add allow tcp from any to any via vr0 established

$fwcmd add allow tcp from any to any 21 setup

$fwcmd add allow tcp from any to any 22 setup

$fwcmd add allow tcp from any to any 23 setup

$fwcmd add allow tcp from any to any 43 setup

$fwcmd add allow tcp from any to me 80 setup

$fwcmd add allow tcp from any to any 110 setup

$fwcmd add allow tcp from any to any 143 setup

$fwcmd add allow tcp from any to any 443 setup

$fwcmd add allow tcp from any to any 789 setup

$fwcmd add reset log tcp from any to any 113 in recv vr0

$fwcmd add allow udp from any to any 53 out xmit vr0

$fwcmd add allow udp from any 53 to any in recv vr0

$fwcmd add 03000 allow icmp from me to any

$fwcmd add 04000 allow icmp from any to any

 

Thanks,

 

 

Fazal

 

 


No virus found in this outgoing message.
Checked by AVG. 
Version: 7.5.524 / Virus Database: 269.23.2/1388 - Release
Date: 4/20/2008
3:01 PM
 
_______________________________________________
freebsd-netfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to
"freebsd-net-unsubscribefreebsd.org"
[1]

about | contact  Other archives ( Real Estate discussion Medical topics )