Sep 25, 2007

Home & Small Business Unix Firewall: Phase 1 (Planning Stage)

Background:

I’ve used IPCop and SmoothWall for firewalls before, and I’ve heard that they were insecure. I’m not sure how true this is, but I’ve heard that if you really want to be “hard-core” about security, you need to build a firewall using OpenBSD. So I did some background work and found that OpenBSD claims that they had only 2 remote holes in the last ten years on their default install. Why? OpenBSD doesn’t allow every Joe to write patches and add-ins to the open source code. Yes, you can write and customize it to your liking, but for the official release, from what I understand, a committee has to approve all code before it reaches the final product.

Firewall Project:

I’m going to attempt to build my own OpenBSD firewall for home use. Some may think this is overkill, and it might be, but how else are we to learn and improve our skills if we just install prepackaged software all the time?

Resources:

After talking on my regular forums, I got the information I need. Next, I went to OpenBSD.org, where they offer every known manual for every aspect of their operating system.

Primary Source: http://openbsd.org/faq/pf/config.html

Secondary Source: Forum Post Information:

1. Edit /etc/sysctl.conf and type in there net.inet.ip.forwarding=1
2. In command line type sysctl -w net.inet.ip.forwarding=1 to enable router before reboot. That is "configure as router".
3. Add pf=YES into /etc/rc.conf.local; this will enable pf after reboot.
4. pfctl -e will enable pf before reboot.
5. After pf is enabled, write your /etc/pf.conf and run pfctl -nvf /etc/pf.conf to see how rules are parsed.
6. pfctl -f /etc/pf.conf will load rules.
7. pf=YES will keep rules and pf loaded across reboots.
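
The forum steps above as a script that can be re-run safely, added here as an example and not taken from the forum post or from the author: `set_kv`, `load_pf_rules`, the `PFCTL` override and the `--apply` argument are names assumed for this example. It keeps a single copy of each setting and loads /etc/pf.conf only if the `pfctl -n` parse check passes.

```sh
#!/bin/sh
# Added example (not from the post): apply the forum steps idempotently.
# set_kv, load_pf_rules, PFCTL and --apply are names assumed for this example.

# set_kv FILE KEY VALUE: leave exactly one active "KEY=VALUE" line in FILE.
set_kv() {
    file=$1 key=$2 value=$3
    [ -f "$file" ] || : > "$file"
    tmp=$(mktemp) || return 1
    # Drop existing active assignments of KEY; comments and other keys stay.
    awk -v k="$key" '
        { line = $0; sub(/^[ \t]+/, "", line) }
        index(line, k "=") == 1 { next }
        { print }
    ' "$file" > "$tmp" || { rm -f "$tmp"; return 1; }
    printf '%s=%s\n' "$key" "$value" >> "$tmp"
    # Write through cat so FILE keeps its owner and mode.
    cat "$tmp" > "$file" && rm -f "$tmp"
}

# load_pf_rules CONF: dry-run parse with -n first; load only if that passes.
# PFCTL can point at a stand-in command so the logic is testable off the box.
load_pf_rules() {
    conf=$1
    if ! "${PFCTL:-pfctl}" -nf "$conf"; then
        echo "parse check failed for $conf; ruleset not loaded" >&2
        return 1
    fi
    "${PFCTL:-pfctl}" -f "$conf"
}

# Changes are made only when the script is run as root with --apply.
if [ "${1:-}" = "--apply" ]; then
    set_kv /etc/sysctl.conf net.inet.ip.forwarding 1  # forwarding after reboot
    sysctl -w net.inet.ip.forwarding=1                # forwarding now
    set_kv /etc/rc.conf.local pf YES                  # pf after reboot
    pfctl -e || true    # pf now; tolerate the error if it is already enabled
    load_pf_rules /etc/pf.conf
fi
```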

Comments Are Welcome!

If you have any information on the subject, please post a comment before I start spending hours upon hours on this. With that said, I will start loading the CDs and tell everyone how it turns out.

Written by Jacob in: Firewalls, Networking
