At 10:10 AM 5/27/03 , fernando@rxp.com wrote:
>> -----Original Message-----
>> [mailto:netbsd-help-owner@netbsd.org]On Behalf Of Timothy A. Musson
>> At 12:31 AM 5/27/03 , fernando@rxp.com wrote:

[snip]

>Secure? Eek! I knew it couldn't be this easy. :-P
>
>> Have you seen the
>> http://www.obfuscation.org/ipf/ site? It's an excellent tutorial that will
>> teach you the basics of firewalling.
>
>wow. Another big read. I just downloaded it and can see the problem with

Well, I pointed you to it mostly so you could skim it for the theory, but
it's also got sample rule sets that you can use. Don't get bogged down in
the syntax. Read it through once paying attention to the theory and only
skim the rules. Then you'll have an idea of what your rule does and why
(and why you probably want to use one the sample rule sets).

>reading unix files with Note Pad. That prompted me to find a text editor
>that I _can_ use. I've been using Jen's File Editor for writing code. It
>seems to work fine with unix style text files. I guess I'll be getting some
>schoolin' in today :-)

There is a utility called something like unix2dos that converts endlines
between the correct formats for unix and dos systems.

BTW: Do you know about "man -k <keyword>"? It looks at man page
descriptions and shows you ones with the keyword in them. Say you're having
problems with carriage-returns. You could try "man -k carriage" and maybe
get shown the unix2dos command (I'm not near a *nix system right now to
verify, but play around with it).

>>
>> >thanks for all the help.
>> >
>> >Fernando
>> >
>> >PS: Still wish there was somthing better than VI for command line file
>> >editing. :-\
>> >
>>
>> There is. Do you know about the package system? Check out
>> http://www.mclink.it/personal/MG2508/nbsdeng/chap-pack.html (which is
>> linked from www.netbsd.org/Documentation, it's part of The NetBSD Guide).
>> Also check out http://www.netbsd.org/Documentation/software/ where you can
>> see software packages indexed by category (can someone chime in here about
>> how to see the file in your browser, you have to add a :anonymous to the
>> end of the url or something). You'll be able to find the editors people
>> pointed you to in the package system.
>>
>> -Tim
>>
>>
>
>Will i need these packages for the firewall? I'm sure I will when I put
>together a NetBSD box for learning all this Unix stuff, but is there
>anything pressing that I should download right away for the bare-bones
>firewall I have at the office? (i mean asside from the filter file you
>mentioned). I do want to make sure it's secure. Is the ipf files all i will
>need to make that happen?

1) You may already have the package system installed. The tutorial should
tell you how to check that, and where the binaries are (would be) located.

2) Don't you already use IPFilter? You shouldn't have to download anything.
In any case, the tutorial I mentioned was just so you can get an idea of
how you should use firewalls and what kinds of things to look out for. Even
if you use a different firewall, many of the ideas in that tutorial are
directly applicable.

Once you get the package system installed, it's very easy to install
anything available through it (which is anything you would need, like, for
instance, an editor other than vi). Make sure you know the difference
between installing from source and installing a pre-built binary (you can
do both from pkgsrc, but they require different steps. Installing from
source generally takes longer, but not appreciably so for small programs,
and is tremendously easy: change to the appropriate directory; type "make
&& make install"; wait for it to download everything, compile it, and
install it for you).

In short, setting up pkgsrc is probably easier than learning how to
download the source yourself, make sure you have all the right libraries,
build, and copy files to an appropriate directory, etc.

>Thanks Tim. This is a big help.
>
>Fernando

You're welcome. This what the list is for, after all!

Read through the docs (at least skim them so you get an idea of what you're
dealing with) and play with things a bit. The documentation, especially for
pkgsrc and ipf, should be able to answer most of your questions. Don't
forget that The NetBSD Guide (http://www.netbsd.org/Documentation/) is also
a treasure-trove of information. Feel free to ask more if you get stuck and
those references don't help.

-Tim