|
|
we have a winner
This firewall.conf is a winner. Its been error tested and optimized for security, speed, and measured accessibility. I recommend that you also install Little Snitch on your LAN clients (that way, you're able to block attacks from outside, and within). #!/bin/sh # Firewall Boot Script # Generated by BrickHouse # Altered by TigerKR #=========================================================== # Enable IP Sharing #=========================================================== # Enable IP Forwarding in the kernel /usr/sbin/sysctl -w net.inet.ip.forwarding=1 # Start the natd server /usr/sbin/natd -f /etc/natd.conf # Add additional gateway IP addresses and routes /sbin/ifconfig en1 inet 192.168.0.1 netmask 255.255.255.0 alias up /sbin/route add -host 192.168.0.1 -interface 127.0.0.1 #=========================================================== # Enable IP Firewall Logging #=========================================================== /usr/sbin/sysctl -w net.inet.ip.fw.verbose=1 # Put a limit on each rule's logging /usr/sbin/sysctl -w net.inet.ip.fw.verbose_limit=500 #=========================================================== # Double the number of possible dynamic rules #=========================================================== /usr/sbin/sysctl -w net.inet.ip.fw.dyn_buckets=512 /usr/sbin/sysctl -w net.inet.ip.fw.dyn_max=2000 #=========================================================== # Process Firewall Rules File #=========================================================== /sbin/ipfw -q /etc/firewall.conf I hope that this is helpful for someone. It took a long time for me to find out what the everything was and what it did. And then there was the error checking and optimizing ;) |
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysNo new commentsLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.11 seconds |
|