|
Тема
|
Firewall FreeBSD 5.0 Rel...
|
|
Автор | 3yeka (Нерегистриран) |
Публикувано | 21.04.03 16:11 |
|
Някой знае ли как се настройва Firewall-а? Давам му да качи правила и ги качва, но при рестарт ги губи. Използвам следня ред : ipfw -cq add ...
| |
Тема
|
Re: Firewall FreeBSD 5.0 Rel...
[re: 3yeka]
|
|
Автор | pm (Нерегистриран) |
Публикувано | 22.04.03 17:25 |
|
rc.conf:
firewall_enable="YES"
firewall_script="/etc/ipfw.rules"
ipfw.rules:
#!/bin/sh
ipfw -f flush
.....
.....
.....
| |
Тема
|
Re: Firewall FreeBSD 5.0 Rel...
[re: pm]
|
|
Автор | 3yeka (Нерегистриран) |
Публикувано | 23.04.03 16:19 |
|
10х
A знаеш ли защо като напиша:
ipfw add allow tcp from any to XXX.XXX.XXX.XX1 80
ipfw add allow tcp from XXX.XXX.XXX.XX1 80 to any
не ми отваря само 80-ти порт, а блокира всичко?
| |
Тема
|
Re: Firewall FreeBSD 5.0 Rel...
[re: 3yeka]
|
|
Автор |
Labrett (изпитател) |
Публикувано | 23.04.03 19:26 |
|
tezi rules sa pravilni, stiga da ne se opitvash da gi napishesh naistina s X-ovete, kakto si gi dal :)
Razreshavat vseki da si govori s port 80 na mashinata XXX.XXX... kolkoto si iska
Ako tova e koeto ti trqbva, mahni vsichko ot firewall-a, ostavi samo tiq dvete i si tursi problema po ostanalata chast ot configuraciqta - moje http-to sushto da otkazva connection-nite, ili drug rule vuv firewall-a da gi dropi
Inache za debug na firewall rules mnogo pomaga da si kompilirash kernela s
options IPFIREWALL_VERBOSE
(ili da napishesh sysctl net.inet.ip.fw.verbose 1)
i da dobavish naj-otdolu na pravilata edno deny log, naprimer:
ipfw add 65530 deny log ip from any to any
taka shte ti logva v /var/log/security vsichko, koeto otrqzva
Кратка сентенция...
| |
Тема
|
Re: Firewall FreeBSD 5.0 Rel...
[re: Labrett]
|
|
Автор | 3yeka (Нерегистриран) |
Публикувано | 24.04.03 08:47 |
|
10x, ще опитам...
| |
Тема
|
Re: Firewall FreeBSD 5.0 Rel...
[re: 3yeka]
|
|
Автор |
DarkStar (.)(.) |
Публикувано | 25.04.03 11:07 |
|
А ако все още имаш нужда от помощ - be my guest ;))))
FreeBSD Security How-To
http://people.freebsd.org/~jkb/howto.html
A Basic Guide to Securing FreeBSD 4.x-STABLE
http://draenor.org/securebsd/
How to Build a FreeBSD-STABLE Firewall with IPFILTER
http://www.schlacter.dyndns.org/public/FreeBSD-STABLE_and_IPFILTER.html
FreeBSD Security Guide
http://defcon1.org/html/Security/Secure-Guide/secure-guide.html
TCP Wrappers (TCPD) Under FreeBSD
http://flag.blackened.net/freebsd/tcpd.html
FreeBSD Handbook, 10.3 Securing FreeBSD
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/securing-freebsd.html
FreeBSD Handbook, 10.10 OpenSSH
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/openssh.html
FreeBSD Handbook, 18.10 NTP
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ntp.html
(temporarily down) Taking Advantage of TCP_Wrappers
http://www.freebsdzine.org/attic/199905/security.txt
BSD Security Fundamentals
http://www.subterrain.net/presentations/bsd_files/v3_document.htm
Establishing Good Password Policies
http://www.onlamp.com/lpt/a//bsd/2001/01/17/FreeBSD_Basics.html
Rotating Log Files
http://www.onlamp.com/lpt/a//bsd/2001/06/14/Big_Scary_Daemons.html
Securing BSD Daemons
http://www.onlamp.com/lpt/a//bsd/2001/02/07/FreeBSD_Basics.html
Securing FreeBSD
http://www.onlamp.com/lpt/a/2622
AusCERT UNIX Security Checklist v2.0
http://www.auscert.org.au/Information/Auscert_info/Papers/usc20.html
Changing the Default Password Encryption Algorithm
http://bsdvault.net/sections.php?op=viewarticle&artid=89
Hardening BSD
http://www.antioffline.com/deviation/bsd.html
Building Linux and OpenBSD Firewalls
Wes Sonnenreich's www site:OpenlySecure.org
publisher: http://www.wiley.com/legacy/compbooks/catalog/35366-3.htm
GIAC's GCUX Practical Assignment, Version 1.8 by Jason Lam on "Securing MySQL Server on FreeBSD 4.5"
http://www.giac.org/practical/Jason_Lam_GCUX2.pdf
FreeBSD will root jOOr phat anus.
| |
|
хехе :)
това ми хареса
Кратка сентенция...
| |
|
|
|
|