The home page The latest version  How to get NetBSD Firewall  Supported hardware  Customer Reviews   Questions you should have  Is it useful for me?  What information do I need?  What hardware do I need?  What software do I need?  How do I plug it all in?   How to install it  Getting the hardware ready  Getting the software ready  The installation process  Checking if it works  Changing your home computer  What's next (possibble extra's)?  CD and Donations Full technical disclosure  How to get the sources  Who we are Related technical resources   Sites with information   Sites with tools   intrusion detection software   Let us know!  Tell us you installed it  Any problems? Let us know!

What's next? There's plenty of things we want to do next. For example, intrusion detection tools, or adding mail and web services to your setup.   Currently, we're simply working on getting all the details right, and making sure what we have now runs on as many systems as we can. For the next step, we need you to tell us what you would like to see. Mail us! If you'd like to know more about NetBSD, install more than one firewall, or show your appreciation for our work, visit our CD and domation page.   If you want to run a web server behind your firewall, add a line to /etc/ipnat.conf to redirect to the web site: rdr ep0 1.2.3.4/32 port 80 -> 192.168.1.101 port 80 (where 1.2.3.4 is the external address, 192.168.1.101 the web server address, ep0 the external network interface. Port 80 is the web server port) Then type "ipnat -f /etc/ipnat.conf" or alternatively restart the firewall If you want to run other servers behind your firewall, just use the port number that service uses instead of 80 - but remember, every hole you punch in the firewall like this exposes a little bit of your systems; make sure you know the server you're using is secure. For example, if you add a mail server (port 25), make sure it cannot be used to send out spam. If you're not sure, just mail us with your questions.   We've put snort, the open source intrusion detection software, into the distribution - all you have to do is install detection rules, enable it, and here's how to do it: edit /etc/rc.local, add a line like this: /usr/local/bin/snort -D -c /usr/local/share/snort/rules.conf -s (that should start snort on system startup) Of course, this assumes you have created a file "rules.conf" in the location specified above. There's several rules files available on the snort web site. Note: snort is not for the faint of heart. You'll get far more alarms than you expect, and virtually all of them will be harmless attempts to scan for windows shares. Harmless, because that's what the firewall is for!! We received an extension to this snort package from Ken McKinlay, who uses tcpdump and some clever scripts to make a nice intrusion detection setup. If you're not afraid of experimenting, and know your way around shell scripts, download this package: log on as root type: "ftp http://www.dubbele.com/ids.tar.gz"