Firewall query
Paul Civati
paul at xciv.org
Thu Apr 18 12:24:56 BST 2002
Paul Truran <paul at truran.net> wrote:
> I am currently running a FreeBSD 4.5 box as an internet gateway to
> my cable modem.
Presumably you are implementing some kind of NAT via ipfw or ipf?
> So basically, how do I ensure that the internal network can access
> the samba shares, but people on the internet cannot?
I would suggest implementing packet filtering in addition to your NAT,
so that only your internal hosts have access to resources on your
gateway machine.
> I'm pretty sure of what I need to do, but I thought I had better double
> check, as I don't really wan't all my data open to all and sundry on
> the internet. Given that my internal card is xl0 and the one connected
> to the cable modem is fxp0, what do I need to do to my firewall to
> ensure that the SMB shares can only be access via my internal network?
See <URL:http://www.xciv.org/byhsi/>, a tutorial I wrote on how to
set up an OpenBSD NAT gateway to a Blueyonder (Telewest) cable modem.
The concepts should be applicable to FreeBSD, much so if you are using
ipf rather than ipfw.
-Paul-
More information about the Ukfreebsd
mailing list