We're looking for a good guide on firewalls in Unix....right now we're using...or rather trying to use ipfw and are having quite a difficult time with it.

We have read the handbook and scowered the net for any good tutorials, but have come up dry. We have hacked together some kinda rulset but it has locked us out of our server a few times and we're sure it could be done better or there is a better way to go about this?

Too bad there is no KISS firewall for FreeBSD....or is there?

Any tips or help you guys could give us would be much appreciated!

The freebsd firewall is quite simple.

Be sure to checkout http://www.freebsd.org/doc/en_US.ISO8859-1.../firewalls.html

An example should already exist at /etc/rc.firewall but you should take some time to configure it.

You should make sure you allow all SSH traffic, add the following:



The ipfw command is pretty straight forward... it goes like this..(there is more options, but here's the basics

ipfw add allow|deny|count tcp|udp|icmp|ip from {ipaddress|netmask|range} [port] to {ipaddress|netmask|range} [port] [extra restrictions]

port is optional
any means.. any
etc..

Hope this helps a little.