FreeBSD Setting up Firewall using IPFW

by on April 14, 2007 · 24 comments· LAST UPDATED June 21, 2008

in , ,

Q. I'm new to FreeBSD and am trying to configure the firewall using IPFW, but I'm having a hard time understanding it as compare to Linux. Can you provide a small example on how to go about setting up the rules for a typical FreeBSD based Apache Web server?

A. Ipfirewall (ipfw) is a FreeBSD IP packet filter and traffic accounting facility.

IPFW is included in the basic FreeBSD install as a separate run time loadable module. The system will dynamically load the kernel module when the rc.conf statement firewall_enable="YES" is used.

FreeBSD compile kernel for IPFW

This step is optional. You do not need to compile IPFW into the FreeBSD kernel unless you want NAT function enabled. However some old version may not have IPFW compiled. Here is a quick guide to compile kernel with IPFW.

Make sure IPFW support not compiled into the kernel:
#ipfw list
If you get an error that read as follows, you must now compile the source code for the kernel.
ipfw: getsockopt(IP_FW_GET): Protocol not available

Another option is open default kernel config file /usr/src/sys/i386/conf and look for IPFIREWALL option:
# grep IPFIREWALL /usr/src/sys/i386/conf

Building and Installing a Custom Kernel with IPFW

Copy default kernel file:
# cd /usr/src/sys/i386/conf
# cp GENERIC IPFWKERNEL

Add IPFW support:
# vi IPFWKERNEL
Append following directives:
options IPFIREWALL # required for IPFW
options IPFIREWALL_VERBOSE # optional; logging
options IPFIREWALL_VERBOSE_LIMIT=10 # optional; don't get too many log entries
options IPDIVERT # needed for natd

Save and close the file. Building a Kernel, type following commnds:
# cd /usr/src
# make buildkernel KERNCONF=IPFWKERNEL

Install the new kernel:
# make installkernel KERNCONF=IPFWKERNEL
Now reboot the system:
# reboot

Step # 1: Enabling IPFW

Open /etc/rc.conf file
# vi /etc/rc.conf
Append following settings:
firewall_enable="YES"
firewall_script="/usr/local/etc/ipfw.rules"

Save and close the file..

Step # 2 Write a Firewall Rule Script

You need to place a firewall rules in a script called /usr/local/etc/ipfw.rule:
# vi /usr/local/etc/ipfw.rules
Append following code:

IPF="ipfw -q add"
ipfw -q -f flush
#loopback
$IPF 10 allow all from any to any via lo0
$IPF 20 deny all from any to 127.0.0.0/8
$IPF 30 deny all from 127.0.0.0/8 to any
$IPF 40 deny tcp from any to any frag
# statefull
$IPF 50 check-state
$IPF 60 allow tcp from any to any established
$IPF 70 allow all from any to any out keep-state
$IPF 80 allow icmp from any to any
# open port ftp (20,21), ssh (22), mail (25)
# http (80), dns (53) etc
$IPF 110 allow tcp from any to any 21 in
$IPF 120 allow tcp from any to any 21 out
$IPF 130 allow tcp from any to any 22 in
$IPF 140 allow tcp from any to any 22 out
$IPF 150 allow tcp from any to any 25 in
$IPF 160 allow tcp from any to any 25 out
$IPF 170 allow udp from any to any 53 in
$IPF 175 allow tcp from any to any 53 in
$IPF 180 allow udp from any to any 53 out
$IPF 185 allow tcp from any to any 53 out
$IPF 200 allow tcp from any to any 80 in
$IPF 210 allow tcp from any to any 80 out
# deny and log everything
$IPF 500 deny log all from any to any

Save and close the file.

Step # 3: Start a firewall

You can reboot the box or you could reload these rules by entering on the command line.
# sh /usr/local/etc/ipfw.rules

Task: List all the rules in sequence

Type the following command:
# ipfw list

Further readings:

Updated for accuracy.

TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 23 comments… read them below or add one }

1 fbsdguru June 28, 2007 at 12:12 pm

Here is my script..

# Set this to your ip address.
        ip="192.168.1.5"
        fwcmd="ipfw"
        setup_loopback
        # Allow anything outbound from this address.
        ${fwcmd} add allow all from ${ip} to any out
        # Deny anything outbound from other addresses.
        ${fwcmd} add deny log all from any to any out
        # Allow TCP through if setup succeeded.
        ${fwcmd} add allow tcp from any to any established
        # Allow IP fragments to pass through.
        ${fwcmd} add allow all from any to any frag
        # Allow all IPv6 packets through - they are handled by the separate
        # ipv6 firewall rules in rc.firewall6.
        ${fwcmd} add allow ipv6 from any to any
        # Allow inbound ftp, ssh, email, tcp-dns, http, https, imap, imaps,
        # pop3, pop3s.
        ${fwcmd} add allow tcp from any to ${ip} 21 setup
        ${fwcmd} add allow tcp from any to ${ip} 22 setup
        ${fwcmd} add allow tcp from any to ${ip} 222 setup
        ${fwcmd} add allow tcp from any to ${ip} 25 setup
        ${fwcmd} add allow tcp from any to ${ip} 53 setup
        ${fwcmd} add allow tcp from any to ${ip} 80 setup
        ${fwcmd} add allow tcp from any to ${ip} 443 setup
        ${fwcmd} add allow tcp from any to ${ip} 143 setup
        ${fwcmd} add allow tcp from any to ${ip} 993 setup
        ${fwcmd} add allow tcp from any to ${ip} 110 setup
        ${fwcmd} add allow tcp from any to ${ip} 995 setup
        # Deny inbound auth, netbios, ldap, and Microsoft's DB protocol
        # without logging.
        ${fwcmd} add reset tcp from any to ${ip} 113 setup
        ${fwcmd} add reset tcp from any to ${ip} 139 setup
        ${fwcmd} add reset tcp from any to ${ip} 389 setup
        ${fwcmd} add reset tcp from any to ${ip} 445 setup
        # Deny some chatty UDP broadcast protocols without logging.
        ${fwcmd} add deny udp from any 137 to any
        ${fwcmd} add deny udp from any to any 137
        ${fwcmd} add deny udp from any 138 to any
        ${fwcmd} add deny udp from any 513 to any
        ${fwcmd} add deny udp from any 525 to any
        # Allow inbound DNS and NTP replies.  This is somewhat of a hole,
        # since we're looking at the incoming port number, which can be
        # faked, but that's just the way DNS and NTP work.
        ${fwcmd} add allow udp from any 53 to ${ip}
        ${fwcmd} add allow udp from any 123 to ${ip}
        # Allow inbound DNS queries.
        ${fwcmd} add allow udp from any to ${ip} 53
        # Allow inbound NTP queries.
        ${fwcmd} add allow udp from any to ${ip} 123
        # Allow traceroute to function, but not to get in.
        ${fwcmd} add unreach port udp from any to ${ip} 33435-33524
        # Allow some inbound icmps - echo reply, dest unreach, source quench,
        # echo, ttl exceeded.
        ${fwcmd} add allow icmp from any to any icmptypes 0,3,4,8,11
        # Everything else is denied and logged.
        ${fwcmd} add deny log all from any to any

Have a fun :D

Reply

2 rohit July 3, 2007 at 12:36 pm

Nice guide.

IPFW is included in the basic FreeBSD install as a separate run time loadable module. The system will dynamically load the kernel module when the rc.conf statement firewall_enable=”YES” is used. You do not need to compile IPFW into the FreeBSD kernel unless you want NAT function enabled.

Reply

3 Mike July 3, 2007 at 1:27 pm

Two previous posters mention you might want to compile the firewall into the kernel to allow NAT. For beginners, the reason you might want NAT is if your firewall is protecting a LAN. If your FreeBSD machine is a stand-alone machine, or you have another computer or black-box device protecting your lan, then you don’t need this feature. (The two example firewall config scripts assume this state of affairs!)

If you do have a LAN you need to protect, look at the example firewall script that comes with FreeBSD in /etc/rc.firewall and examine the “Simple” configuration… that’s a good starting point for a firewall protecting a LAN.

Reply

4 tux821 July 25, 2007 at 9:25 am

Nice article, this got me started with the FreeBSD firewall.

A few remarks for improvement:

(starting with your text, followed by the improvement)

1)
Make sure IPFW support not compiled
#ipfw list

>> Please replace with:
Make sure IPFW support not compiled into the kernel:
#ipfw list

2)
# vi /usr/local/etc/ipfw.rule

>> should read:
# vi /usr/local/etc/ipfw.rules

3)
Append following settings:
firewall_enable=”YES”
firewall_script=”YES”
firewall_script=”/usr/local/etc/ipfw.rules”

>> The ‘firewall_script=”YES”‘ should be removed.

4)
# open port ftp (21,22), ssh (22), mail (25)

>> should be
# open port ftp (20,21), ssh (22), mail (25)

Further.., big thanx!,

Tux821

Reply

5 aunk August 14, 2007 at 3:06 pm

hi all, i want to ask

fbsdguru, is you ip 192.168.1.5 facing the internet? mine have 2 ether, 1 assigned ip from NAP, and 1 assigned ip for main router of my network (ISP). is your script compatible for my network design? assume that ether which facing public is dc0 and ether for main router is vr0, any suggestion for best firewall on my machine?

thanks before, sorry for bad english.

Reply

6 Vladimir Tserijemiwtz October 27, 2007 at 11:22 pm

Please make note that you can run IPFW & NATD on FreeBSD-6.x without recompiling anything into your computer. The docs keep making reference that you will need to recompile your kernel if you want NATD. I have my system running and it’s using the GENERIC kernel. Both IPFW and NATD work just fine without recompiling the kernel.

FreeBSD docs are often out of date and can send you down the wrong road.

Reply

7 Fred November 10, 2007 at 9:11 pm

What about blocking Nmap?

01100 deny ip from any to any ipoptions rr
01110 deny ip from any to any ipoptions ts
01120 deny ip from any to any ipoptions lsrr
01130 deny ip from any to any ipoptions ssrr
01140 deny tcp from any to any tcpflags syn,fin
01150 deny tcp from any to any tcpflags syn,rst

Reply

8 Satyesh Banavali February 10, 2008 at 9:13 am

I tried both the scripts. Both the scripts bolck http requests and the bsd cannot resolve any DNS queries once they are executed. The moment I open up the firewall everything goes through.

I could not achieve browsing with the script in place. Maybe I am doing something wrong…..

My public IP is 81.155.30.2 and my internal Network is 172.16.0.0

FreeBSD is 6.10

Reply

9 relch April 17, 2008 at 3:46 am

hi! I need help regarding ipfw. i’m a newbie to freebsd. I want my freebsd to be the gateway of my WLAN to the internet. I also want to authenticate each user through a database. Can anyone help me?
I just need it for my case study in school.

here’s my email for those who want to help:

relch2k7@yahoo.com

thanks!

Reply

10 Njuki July 9, 2008 at 12:53 pm

i think you should add, before the reboot

options IPFIREWALL_DEFAULT_TO_ACCEPT

When appending options for the kernel, i followed the above steps and realized i could not log in remotely to the box i was building a firewall after the reboot.

Reply

11 sara October 17, 2008 at 10:49 am

more useful..

Thanks a lot

Reply

12 boom December 31, 2008 at 8:21 am

locking myself out

Reply

13 Emman January 12, 2009 at 7:57 am

Nice firewall, how about blocking by means of MC Address, I set-up a proxy server
and allow only specific IP’s, but the problem is that some users knows how to change
their IP address and knows what are the IP’s that are allowed to surf the Internet. So
I think blocking by means of MC Address solve my problem here in out company.
Can you help me?

Thank you and more power.

Reply

14 Alan January 24, 2009 at 3:26 pm

Thank you man!

This is wonderful! I make this process and ther works perfect.

Thank you again!

Sorry for my bad english.

[ ]‘s

Reply

15 Patric Falinder May 12, 2009 at 12:42 pm

How do I modify the script to NAT my traffic from my OpenVPN interface tun0 to my external interface vr0 (it has a direct connection to internet, no router between)?

OpenVPN—->vr0—->INTERNET

Reply

16 sam August 21, 2009 at 1:48 am

if you dont add DEFAULT_TO_ACCEPT and do not already have a firewall script in place, when you reboot your box the default will be to deny ALL, therefore if your box is not local you may have an issue =)

Reply

17 martin February 5, 2010 at 3:59 am

Have added the DEFAULT_TO_ACCEPT option and removed /etc/rc.conf enables and am still locket out.
Outstanding article.

Reply

18 Iván Carrasco Q. August 9, 2010 at 8:52 pm

I just wanted to share in this post my script. I have configured a machine working as a Traffic Shaper with 4 kind of clients, up/down, national/international bw, and also unlimited clients:

#!/bin/sh
fw="/sbin/ipfw"
#Default traffic
BWNAC="2048KBit/s"
BWINT="1024KBit/s"
#Planes
BW1NAC="600KBit/s"
BW1INT="250KBit/s"
BW2NAC="1024KBit/s"
BW2INT="450KBit/s"
BW3NAC="2048KBit/s"
BW3INT="950KBit/s"
##IPs
#IP600 con plan BW1
IP600="{ 190.93.239.0/24 }"
#IP1024 con plan BW2
IP1024="{ 190.93.225.0/24 or 190.93.226.0/23 or 190.93.228.0/22 or 190.93.232.0/23 or 190.93.234.0/24 or 200.73.215.0{0-124} or 200.73.213.0{1-254} or 200.73.214.0{0-254} or 200.73.212.0{100-255} }"
#IP2048 con plan BW3
IP2048="{ 190.93.235.0/24 or 190.93.236.0/23 or 190.93.238.0/24 or 200.73.215.0{125-254} }"
IPNOCUT="{ 190.93.224.0/24 or 200.73.208.0{1-69} }"
$fw -f flush
$fw -f pipe flush
$fw -f queue flush
$fw enable one_pass
$fw add 10 check-state
$fw add 100 allow ip from any to any via lo0
$fw add 200 allow ip from any to 127.0.0.1/8
$fw add 300 allow ip from 127.0.0.1/8 to any
$fw add 540 deny ip from any to any frag in
$fw add 600 allow all from ${IPNOCUT} to any
$fw add 700 allow all from any to ${IPNOCUT}
$fw pipe 1 config buckets 2048 mask src-ip 0xffffffff bw ${BWNAC}
$fw pipe 2 config buckets 2048 mask dst-ip 0xffffffff bw ${BWNAC}
$fw pipe 3 config buckets 2048 mask src-ip 0xffffffff bw ${BWNAC}
$fw pipe 4 config buckets 2048 mask dst-ip 0xffffffff bw ${BWNAC}
$fw pipe 7 config buckets 2048 mask src-ip 0xffffffff bw ${BWINT}
$fw pipe 8 config buckets 2048 mask dst-ip 0xffffffff bw ${BWINT}
$fw pipe 9 config buckets 2048 mask src-ip 0xffffffff bw ${BWNAC}
$fw pipe 10 config buckets 2048 mask dst-ip 0xffffffff bw ${BWNAC}
#
$fw pipe 21 config buckets 2048 mask src-ip 0xffffffff bw ${BW1NAC}
$fw pipe 22 config buckets 2048 mask dst-ip 0xffffffff bw ${BW1NAC}
$fw pipe 23 config buckets 2048 mask src-ip 0xffffffff bw ${BW1INT}
$fw pipe 24 config buckets 2048 mask dst-ip 0xffffffff bw ${BW1INT}
#
$fw pipe 31 config buckets 2048 mask src-ip 0xffffffff bw ${BW2NAC}
$fw pipe 32 config buckets 2048 mask dst-ip 0xffffffff bw ${BW2NAC}
$fw pipe 33 config buckets 2048 mask src-ip 0xffffffff bw ${BW2INT}
$fw pipe 34 config buckets 2048 mask dst-ip 0xffffffff bw ${BW2INT}
#
$fw pipe 41 config buckets 2048 mask src-ip 0xffffffff bw ${BW3NAC}
$fw pipe 42 config buckets 2048 mask dst-ip 0xffffffff bw ${BW3NAC}
$fw pipe 43 config buckets 2048 mask src-ip 0xffffffff bw ${BW3INT}
$fw pipe 44 config buckets 2048 mask dst-ip 0xffffffff bw ${BW3INT}
#
$fw add 1460 allow all from $IPNOCUT to any out xmit bridge0
$fw add 1480 allow all from any to $IPNOCUT in recv bridge0
$fw add 1560 allow all from $IPNOCUT to any out xmit bridge1
$fw add 1580 allow all  from any to $IPNOCUT in recv bridge1
#
####### 600 Permisos por Bridge #################################
$fw add 4660 pipe 21 all from ${IP600} to any out xmit bridge0
$fw add 4680 pipe 22 all from any to ${IP600} in recv bridge0
$fw add 4760 pipe 21 all from ${IP600} to any out xmit bridge1
$fw add 4780 pipe 22 all  from any to ${IP600} in recv bridge1
####### 1024 Permisos por Bridge #################################
$fw add 4660 pipe 31 all from ${IP1024} to any out xmit bridge0
$fw add 4680 pipe 32 all from any to ${IP1024} in recv bridge0
$fw add 4760 pipe 31 all from ${IP1024} to any out xmit bridge1
$fw add 4780 pipe 32 all  from any to ${IP1024} in recv bridge1
####### 2048 Permisos por Bridge #################################
$fw add 4660 pipe 41 all from ${IP2048} to any out xmit bridge0
$fw add 4680 pipe 42 all from any to ${IP2048} in recv bridge0
$fw add 4760 pipe 41 all from ${IP2048} to any out xmit bridge1
$fw add 4780 pipe 42 all  from any to ${IP2048} in recv bridge1
#
$fw add 4860 pipe 3 all from any to any out xmit bridge0
$fw add 4880 pipe 4 all from any to any in recv bridge0
$fw add 4960 pipe 3 all from any to any out xmit bridge1
$fw add 4980 pipe 4 all  from any to any in recv bridge1
############# 600 Permisos por Interfaz  ######################
$fw add 24260 pipe 21 all from ${IP600} to any in via bge0
$fw add 24270 pipe 22 all from any to ${IP600} out via bge0
$fw add 24280 pipe 22 all from ${IP600} to any in via bge1
$fw add 24290 pipe 21 all from any to ${IP600} out via bge1
############# 1024 Permisos por Interfaz  ######################
$fw add 24260 pipe 31 all from ${IP1024} to any in via bge0
$fw add 24270 pipe 32 all from any to ${IP1024} out via bge0
$fw add 24280 pipe 32 all from ${IP1024} to any in via bge1
$fw add 24290 pipe 31 all from any to ${IP1024} out via bge1
############# 2048 Permisos por Interfaz  ######################
$fw add 24260 pipe 41 all from ${IP2048} to any in via bge0
$fw add 24270 pipe 42 all from any to ${IP2048} out via bge0
$fw add 24280 pipe 42 all from ${IP2048} to any in via bge1
$fw add 24290 pipe 41 all from any to ${IP2048} out via bge1
#
$fw add 25260 pipe 1 all from any to any in via bge0
$fw add 25270 pipe 2 all from any to any out via bge0
$fw add 25280 pipe 2 all from any to any in via bge1
$fw add 25290 pipe 1 all from any to any out via bge1
############# 600 Permisos por Vlan Internacional  ############
$fw add 35260 pipe 24 all from ${IP600} to any out via vlan24090
$fw add 35270 pipe 23 all from any to ${IP600} in via vlan24090
$fw add 35280 pipe 24 all from ${IP600} to any in via vlan24091
$fw add 35290 pipe 23 all from any to ${IP600} out via vlan24091
############# 1024 Permisos por Vlan Internacional  ############
$fw add 35260 pipe 34 all from ${IP1024} to any out via vlan24090
$fw add 35270 pipe 33 all from any to ${IP1024} in via vlan24090
$fw add 35280 pipe 34 all from ${IP1024} to any in via vlan24091
$fw add 35290 pipe 33 all from any to ${IP1024} out via vlan24091
############# 2048 Permisos por Vlan Internacional  ############
$fw add 35260 pipe 44 all from ${IP2048} to any out via vlan24090
$fw add 35270 pipe 43 all from any to ${IP2048} in via vlan24090
$fw add 35280 pipe 44 all from ${IP2048} to any in via vlan24091
$fw add 35290 pipe 43 all from any to ${IP2048} out via vlan24091
#
$fw add 36260 pipe 7 all from any to any in via vlan24090
$fw add 36270 pipe 8 all from any to any out via vlan24090
$fw add 36280 pipe 8 all from any to any in via vlan24091
$fw add 36290 pipe 7 all from any to any out via vlan24091
############# 600 Permisos por Vlan nacional  #################
$fw add 47260 pipe 21 all from ${IP600} to any out via vlan3960
$fw add 47270 pipe 22 all from any to ${IP600} in  via vlan3960
$fw add 47280 pipe 22 all from ${IP600} to any in via vlan3961
$fw add 47290 pipe 21 all from any to ${IP600} out via vlan3961
############# 1024 Permisos por Vlan nacional  #################
$fw add 47260 pipe 31 all from ${IP1024} to any out via vlan3960
$fw add 47270 pipe 32 all from any to ${IP1024} in  via vlan3960
$fw add 47280 pipe 32 all from ${IP1024} to any in via vlan3961
$fw add 47290 pipe 31 all from any to ${IP1024} out via vlan3961
############# 2048 Permisos por Vlan nacional  #################
$fw add 47260 pipe 41 all from ${IP2048} to any out via vlan3960
$fw add 47270 pipe 42 all from any to ${IP2048} in  via vlan3960
$fw add 47280 pipe 42 all from ${IP2048} to any in via vlan3961
$fw add 47290 pipe 41 all from any to ${IP2048} out via vlan3961
#
$fw add 47260 pipe 10 all from any to any in via vlan3960
$fw add 47270 pipe 9 all from any to any out via vlan3960
$fw add 47280 pipe 10 all from any to any in via vlan3961
$fw add 47290 pipe 9 all from any to any out via vlan3961
#
$fw add 60000 allow ip from any to any
#
##################################################

Reply

19 Ivan Carrasco Q. August 14, 2010 at 4:45 am

Another post /etc/rc.conf

#--sysinstall generated deltas -- # Wed Oct 29 22:56:03 2008
# Created: Wed Oct 29 22:56:03 2008
# Enable network daemons for user convenience.
# Please make all changes to this file, not to /etc/defaults/rc.conf.
# This file now contains just the overrides from /etc/defaults/rc.conf.
#cloned_interfaces="bridge0 bge0 bge1"
#autobridge_interfaces="bridge0"
#autobridge_bridge0="bge*"
#ifconfig_bridge0="10.192.0.69 netmask 0xffff0000"
cloned_interfaces="vlan24090 vlan24091 vlan3960 vlan3961 vlan19030 vlan19031 vlan19040 vlan19041"
ifconfig_bge0="up"
ifconfig_bge1="up"
ifconfig_vlan24090="vlan 2409 vlandev bge0"
ifconfig_vlan3960="vlan 396 vlandev bge0"
ifconfig_vlan24091="vlan 2409 vlandev bge1"
ifconfig_vlan3961="vlan 396 vlandev bge1"
ifconfig_vlan19040="vlan 1904 vlandev bge0"
ifconfig_vlan19030="vlan 1903 vlandev bge0"
ifconfig_vlan19041="vlan 1904 vlandev bge1"
ifconfig_vlan19031="vlan 1903 vlandev bge1"
cloned_interfaces="bridge0 vlan24090 vlan24091 bridge1 vlan3960 vlan3961 bridge2 vlan19030 vlan19041 bridge3 vlan19040 vlan19041"
ifconfig_bridge0="addm vlan24090 addm vlan24091 up"
ifconfig_bridge1="addm vlan3960 addm vlan3961 up"
ifconfig_bridge2="addm vlan19030 addm vlan19031 up"
ifconfig_bridge3="addm vlan19040 addm vlan19041 up"
ifconfig_bge0="10.192.0.69 netmask 0xffff0000"
linux_enable="YES"
sshd_enable="YES"

Reply

20 Ivan Carrasco Q. August 27, 2010 at 3:18 am

just add this to /etc/rc.conf
ifconfig_re1=”inet 190.93.224.XXX netmask 255.255.240.0″
defaultrouter=”190.93.224.1″
firewall_enable=”YES”
firewall_script=”/etc/prueba2″
firewall_type=”open”

Reply

21 Ivan Carrasco Q. August 27, 2010 at 3:23 am

Also modify the file /etc/sysctl.conf with:

#
net.inet.ip.fw.verbose=1
net.inet.ip.fw.verbose_limit=5
net.link.ether.bridge=1
net.link.ether.bridge_ipfw=1
net.link.ether.bridge_cfg=vr0:1,re0:1
net.link.bridge.ipfw=1
#

Reply

22 jason January 8, 2011 at 6:53 pm

Dumb question… in the comments its sats that port 20 is being opened but i don’t see a rule set… since I have set up IPFW I have major pain get file listing for ftp GUI programs

Reply

23 Fritz September 9, 2011 at 2:01 am

i need help, how do i save Save and close the file. Building a Kernel, type following commnds:?, i feel like am doing something wrong please help.

Reply

Leave a Comment

Tagged as: , , , , , , , , , , , , , ,

Previous Faq:

Next Faq: