[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    Re: IPFilter 3.3.6
From:       Darren Reed <darrenr () reed ! wattle ! id ! au>
Date:       1999-12-29 14:44:35
[Download RAW message or body]

In some email I received from Brian Budnick, sie wrote:
> 
> understand is do I only need ipfilter and nothing else on the machine
> to accomplish this?

yes.

> Do i need to install NATD or do i have to enable
> ip forwarding or something?

Don't need NATD but you must enable ip forwarding.

> The IP Filter documentation didn't mention
> anything about this. Also would i have to have a little network set
> between the router and the firewall then another for the rest of the
> network?

That depends on what your firewall design requries.

> Is there a way to make the firewall completely invisable
> by traceroutes and such?

Yes, there is.  But I'm not sure doing that sort of thing is a good idea
if you're still a novice.

> Also when i set the rulesets and then reboot the machine do the
> rulesets I set before i reboot get reinitialized when it comes back up
> or do i have to set some kind of file when it loads to reset the
> rulesets?

You should be putting them in a file so they get reloaded at reboot.

> when i tried to run # ipfstat ( i get the following error message)
> ioctl(SIOCGETFS): Invalid argument

Hmm.  I think I'll make a point of fixing the install procedure for
BSD systems to remove/rename old binaries first.

Darren

[prev in list] [next in list] [prev in thread] [next in thread]