Differences

This shows you the differences between two versions of the page.

--- bsd [2008/12/28 20:04]
a + OSSEC and Pf on FreeBSD to Limit SSH Brute Forcing
+++ bsd [2009/02/04 18:45]
a + FreeBSD GRE tunnels
@@ Line 9: / Line 9: @@
 ===== FreeBSD =====
@@ Line 48: / Line 50: @@
   ipfw list
+**Firewalling IPv6**
+Below some rules of implementing firewall in FreeBSD. //Using IPFW (please compile your kernel, if it’s not supported).// It’s easy as IPv4.
+<code>
+# Simple Firewall :
+(allow network 2404:170::/32 to any host)
+ip6fw add 100 allow all from 2404:170::/32 to any in via fxp0
+(allow network 2001:dc6::/32 to any host)
+ip6fw add 200 allow all from 2001:dc6::/32 to any in via fxp0
+(allow all ipv6 to host 2404:170:ee02::10)
+ip6fw add 300 allow all from :: to 2404:170:ee02:ee02::10 in via fxp0
+(deny other all traffic).
+ip6fw add 1000 deny all from any to any in via fxp0
+</code>
+**FreeBSD GRE tunnels**
+<code>
+b0x# kldstat
+Id Refs Address Size Name
+5 0xc0400000 34f898 kernel
+14 0xc0750000 56270 acpi.ko
+1 0xc0c97000 1c000 ipl.ko
+1 0xc15ef000 4000 if_gre.ko
+# kldload if_gre.ko
+# sysctl -w net.inet.ip.gre_default_mtu=1450
+# ifconfig gre1 create
+# ifconfig gre1 tunnel 217.154.12.2 212.25.240.34
+# ifconfig gre1 mtu 1450
+# ifconfig gre1 inet 10.1.12.38 10.1.12.37 netmask 255.255.255.252
+# ifconfig gre1 up
+<code>
+or
+   # ifconfig gre1 inet 10.1.12.37 10.1.12.38 netmask 255.255.255.252 up
+   # /usr/sbin/greconfig -i gre1 -v -s 212.25.240.34 -d 217.154.12.2
 ===== OpenBSD =====