您好,欢迎来到悍铭数据中心!

新闻中心

FreeBSD + IPF 构建网关防火墙

 This article focuses on how to set up a firm gateway with firewall but not how to install FreeBSD...
1. Install FreeBSD
...
2. Configure /etc/rc.conf
# -- sysinstall generated deltas -- # Wed Dec 22 22:31:09 2004
# Created: Wed Dec 22 22:31:09 2004
# Enable network daemons for user convenience.
# Please make all changes to this file, not to /etc/defaults/rc.conf.
# This file now contains just the overrides from /etc/defaults/rc.conf.
gateway_enable="YES"
kern_securelevel="3"
kern_securelevel_enable="YES"

rpcbind_enable="NO"
linux_enable="YES"
sshd_enable="YES"
usbd_enable="YES"
# This file now contains just the overrides from /etc/defaults/rc.conf.
# Please make all changes to this file, not to /etc/defaults/rc.conf.
# Enable network daemons for user convenience.
# Created: Wed Dec 22 16:43:38 2004
network_interfaces="fxp0 rl0 lo0"
ifconfig_fxp0="inet 1.1.1.2 netmask 255.255.255.252"
ifconfig_rl0="inet 192.1.1.1 netmask 255.255.255.0"

defaultrouter="1.1.1.1"
##enable ipfirewall
#firewall_enable="YES"
#firewall_script="/etc/ipfw.rules"
#firewall_logging="YES"
#####end ipfirewall
##enable ipfilter
ipfilter_enable="YES"
ipfilter_rules="/etc/ipf.rules"
ipmon_enable="YES"
ipmon_flag="-Ds"
ipnat_enable="YES"
ipnat_rules="/etc/ipnat.rules"

#####end ipfilter
# This file now contains just the overrides from /etc/defaults/rc.conf.
# Please make all changes to this file, not to /etc/defaults/rc.conf.
# Enable network daemons for user convenience.
# Created: Thu Dec 23 10:50:32 2004
# -- sysinstall generated deltas -- # Thu Dec 23 10:50:32 2004
kern_securelevel="1"
kern_securelevel_enable="YES"
# This file now contains just the overrides from /etc/defaults/rc.conf.
# Please make all changes to this file, not to /etc/defaults/rc.conf.
# Enable network daemons for user convenience.
# Created: Thu Dec 23 10:52:08 2004
# -- sysinstall generated deltas -- # Thu Dec 23 10:52:08 2004
kern_securelevel="1"
kern_securelevel_enable="YES"
nfs_reserved_port_only="NO"
# This file now contains just the overrides from /etc/defaults/rc.conf.
# Please make all changes to this file, not to /etc/defaults/rc.conf.
# Enable network daemons for user convenience.
# Created: Tue Dec 28 13:39:04 2004
# -- sysinstall generated deltas -- # Tue Dec 28 13:39:04 2004

香港云主机