Securing BSD as firewall

[Nathan Yerian]

I have a pretty technical networking question....

First, a little background info:

A while back, on the advice of a co-worker, I started using a
FreeBSD-based PC as a harware firewall to my cable modem. A couple days ago,
I was perusing the system logs and noticed a bunch of rejected attempts to
ftp into my firewall from IP addresses in France, a few in Poland, and a
couple others I didn't bother to look up. Most were accompanied by a message
that the login was rejected, but not all were.

Question:

How do I bind services to one network interface, but not the other?

I want to be able to telnet and ftp to the firewall from within my
network (on vr1) but I would like to disable ALL services on the other
(vr0).

[Lowell Gilbert]

comp.unix.bsd.freebsd is not widely propagated, so you won't
necessarily get much help here (in comp.unix.bsd.freebsd).
See http://www.freebsd.org/support.html for better ideas...
[followups redirected accordingly]

"Nathan Yerian" <nye...@comcast.net> writes:

This is called "packet filtering," and is usually the first thing that
people mean when they talk about building a firewall. The FreeBSD
Handbook has a whole chapter on it; I suggest starting there.