Re: Firewall with FreeBSD 3.3

[Jonas Eriksson <je () sekure net>]

Hi,

Check your natd(8) manpage for:

     -redirect_address localIP publicIP

And then ifconfig your outside interface with some IP alias.

Also check the "fwd ipaddr [,port]" in the ipfw(8) manpage.


You could also try IP Filter, http://coombs.anu.edu.au/~avalon/


-- Jonas Eriksson
   je () sekure net

On Thu, 9 Dec 1999, Adidas Boy wrote:

> Dear Firewall Wizards,
>
> I have been using FreeBSD for about 2 years now. I have learned quite a bit 
> over the time as far as simple things to do to make it harder for someone to 
> break into my machine such as installing tcpd to only allow certain hosts, 
> then disabling certain services that are not needed.
>
> It recently decided I wanted to create a machine that had the above features 
> but also did more firewall type of stuff. I have been trying to do some 
> reasearch and learned a little about natd and ipfw which does some type of 
> ruleset things. I'm trying to accomplish the following and wanted some help 
> from anyone of you that could help me. What i want to achieve is all 
> external real ips on the internet be mapped to a certain fake ip and so all 
> requests would have to go thru the firewall so for instance.
>
> computer 1:
>   internal ip: 10.0.0.1
>
> computer 2:
>   internal ip: 10.0.0.2
>
> then have the firewall have something like this:
>
> 205.1.2.1 => 10.0.0.1
> 205.1.2.2 -> 10.0.0.2
>
> so in essence the firewall would listen to 205.1.2.1, 205.1.2.2, etc.
> and then route to the appropriate machine so the person on the outside could 
> never really talk directly to the machine. can this be done with natd and 
> what would i need to do to the configuration to make this work?
>
> Any help would be appreciated!
>
> Brian
>
> ______________________________________________________
> Get Your Private, Free Email at http://www.hotmail.com