This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
ipfw [2010/08/26 02:20] k2patel |
ipfw [2020/08/10 02:35] (current) |
||
---|---|---|---|
Line 2: | Line 2: | ||
Simple but nice firewall. | Simple but nice firewall. | ||
+ | [[http://www.freebsd-howto.com/HOWTO/Ipfw-HOWTO | Good Reading]] | ||
==== How to create forward for port ==== | ==== How to create forward for port ==== | ||
Line 16: | Line 17: | ||
</code> | </code> | ||
NOTE : sysctl net.link.ether.bridge_ipfw=1 (this value enable the snort) | NOTE : sysctl net.link.ether.bridge_ipfw=1 (this value enable the snort) | ||
- | |||
==== Common Attack Prevention ==== | ==== Common Attack Prevention ==== | ||
Line 45: | Line 45: | ||
**#deny fragments as bogus packets** | **#deny fragments as bogus packets** | ||
<code bash> | <code bash> | ||
- | ipfw add 00017 deny log all from any to any frag in via | + | ipfw add 00017 deny log all from any to any frag in via em0 |
</code> | </code> |