*BSDThis forum is for the discussion of all BSD variants.
FreeBSD, OpenBSD, NetBSD, etc.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I recently installed FreeBSD and it is working very well. I am using it on a desktop with XFCE4.
I want to install a firewall which should permit only web browsing with Firefox etc (and downloading from web). I know about iptables from my Linux experience but apparently that is not used in FreeBSD.
How can I setup a simple firewall which permits only web browsing and downloading from web? Thanks for your help.
Peter N M Hansteen has written an excellent, thorough book on it and had numberous recorded presentations. His book, The Book Of PF, 3rd ed., from No Starch Press, can be ordered quickly from online shops and some of the presentations are about in slide form. The FreeBSD handbook is also a place to look for information about PF. +1 FreeBSD has a great handbook, -1 it needs a handbook to set up.
I haven't followed the details with FreeBSD, but I think there still is some divergance between the upstream PF at OpenBSD and the one still in FreeBSD. Either way, it is far easier to learn than iptables.
I had a FreeBSD box exposed directly to the internet and once I forgot to turn the firewall on. It was running over 7 months like this, until I noticed its CPU usage was unexpectedly high. All open ports were under heavy attack, who knows for how long. But no harm was done. This is what I love about FreeBSD, it is strong security-wise. People who have Windows shaped their mindset do not understand this.
For completeness have a look at IPFW, too. Its use cannot be simpler, just set it to "closed" in rc.conf and then allow your web browsing with added rule.
For completeness have a look at IPFW, too. Its use cannot be simpler, just set it to "closed" in rc.conf and then allow your web browsing with added rule.
Some example code will be really appreciated (IPFW or PF).
You will have to read the docs, man pages - there is no "copy and paste" solution. No one is going to sit down and write a firewall configuration for you.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.