Anyone knows how to connect to a router?

This is true..

Ok, I start with this... I will deny everything and forget about logging for now.

(Now, nothing can come in or go out unless I allow it) block in log quick on eth0 from 192.168.1.1 to any block in log quick on eth0 from 192.168.1.0/24 to any

(This should allow incoming connections) pass in quick on lo eth0 icmp from any to any keep state pass in quick on lo eth0 tcp from any to any flags S keep state pass in quick on lo eth0 udp from any to any keep state pass in quick on lo from any to any

(Next rule should allow outgoing connections) pass out quick on lo eth0 icmp from any to any keep state pass out quick on lo eth0 tcp from any to any flags S keep state pass out quick on lo eth0 udp from any to any keep state pass out quick on lo from any to any

The last pass should be, I think. pass out quick eth0 icmp from any to any keep state pass out quick eth0 tcp from any to any flags S keep state

That should work... But it doesn't. Could the router be blocking my connections?

I will need two interfaces. I want to JAIL sendmail and allocate a separate IP..

Thanks for any help you offer.

This is what I wanted to do, but she won't.

That is the problem I'm having.. The router has a 4-port switch, I can connect to the net with no problems when I disable the firewall on my computer. I would like to run a firewall behind the router, I have no idea how secure they are.

If I could get my computer to connect to it.

I can talk to the router with out a firewall. How secure are Linksys routers? It only cost like $50.

I will guess that router IP is 192.168.1.1.

Not familiar with IPFW, although it does look as if you might be blocking traffic from the router.

Those would seem to drop all traffic from the router, although it would allow external packets that are being routed.

I'm not clear on what those are supposed to do. On my reading, you already blocked those packets with the "quick" option, so they won't reach down this far in your rules. Or do you have two interfaces, so that the early rules only block on the wrong interface and the rules immediately above accept on the correct interface.

Either way, you haven't given enough info for people to be able to help.

Thwo possibilities.

2) install an intelligent router which will make the connections with the ISP. You and she just plug into the ethernet ports on the router.

The router will handle all the negotiations with the ISP.

First you turn off all firewalling. You find out what address the router uses, and connect to it with http. You set it up. Then when you know you can talk with it, and everything works, then set up a firewall on your own machine.

If the FreeBSD box is the router, have a look on this:

The ipfw configuration does not tell me your topology and addressing. But those two lines are suspicous:

| "$IPFW" add 10 set 1 drop log all from me to any in recv eth0 | "$IPFW" add 20 set 1 drop log all from 192.168.1.0/24 to any in recv eth0

You could read this one, though: