Date:      Mon, 1 Jul 2002 15:57:23 +0200
From:      "nascar24" <nascar24@home.nl>
To:        <security@freebsd.org>
Subject:   Making a firewall more closed 
Message-ID:  <01a001c22107$3d3b2850$0200a8c0@winxp>

Hello all,

I've been using IPFW for some time now but I have one problem. I have
closed my firewall (I guess) from attacks from the outside world. But I am
open to attacks from within, i.e. trojan horses etc.

Here is my rc.firewall.rules file. I think it is in rules 500 & 550. But if I
change them to 21,22,80,8080 I cannot connect to any websites or FTP sites.

 # allow loopback traffic
 add 100 allow ip from any to any via lo0

 # protect loopback address
 add 200 deny log ip from 127.0.0.1 to any
 add 249 deny log ip from any to 127.0.0.1

 # block spoofs
 add 400 deny log ip from me to any in via ed0

 # enable NATD
 add 425 divert 8668 ip from any to any via ed0

 # check dynamic rules
 add 450 check-state

 # make dynamic entries for all outgoing traffic
 add 500 allow log tcp from me to any 1-65535 keep-state out
 add 550 allow log udp from me to any 1-65535 keep-state out

 # services we offer to the world
 add 600 allow log tcp from any to me 22,5067,5617,8472,10000 keep-state in

 # pass ICMP
 add 700 allow log icmp from me to any out
 add 750 allow log icmp from any to me in

 # pass everything on private LAN
 add 800 allow log all from 192.168.0.0/16 to any
 add 850 allow log all from any to 192.168.0.0/16

 # log rejects that have fallen through
 add 65000 deny log ip from any to any

I hope you can help, thanks in advance.

Marcel.
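
[Editor's note and example, added to the archive page; this is not part of
Marcel's mail and not a FreeBSD-supplied ruleset.] Rules 500 and 550 above are
what leave the box, and via natd the LAN behind it, open to anything that
phones home: they create a dynamic entry for every outbound TCP and UDP
connection from "me", to any port. Cutting both rules down to 21,22,80,8080
also removes UDP port 53, so DNS stops resolving and nothing that is reached
by name works any more, which is the most likely reason the websites and FTP
sites disappeared. FTP is a second problem: besides the control connection on
port 21 it needs a data connection on another port. The fragment below, in the
same rc.firewall.rules format as the posted file, replaces rules 500 and 550
with an outbound whitelist that keeps DNS open; the port list is an assumption
taken from the mail, and rule 520 is an option, not a recommendation.

```text
 # make dynamic entries only for the outbound services we actually use
 # (assumed list, taken from the mail: FTP control, SSH, HTTP, HTTP-alt)

 # DNS has to stay open or nothing resolves by name; narrow "any" to the
 # resolver addresses from /etc/resolv.conf once they are known
 add 500 allow log udp from me to any 53 keep-state out
 add 510 allow log tcp from me to any 21,22,80,8080 keep-state out

 # FTP opens a data connection on a port other than 21. In passive mode
 # the client connects to an unprivileged port chosen by the server, so
 # either allow that range (which reopens most of what the whitelist
 # just closed) or leave this rule out and let natd insert temporary
 # rules for the data connection with its -punch_fw option, see natd(8)
 # add 520 allow log tcp from me to any 1024-65535 keep-state out

 # anything else leaving the box is logged and dropped by rule 65000
```

Because the divert to natd in rule 425 happens before rule 500, packets from
LAN hosts reach the whitelist with the firewall's own address as source, so
"me" covers them as well and a trojan on a LAN machine is limited to the same
ports. After loading the new rules, `ipfw -d list` shows the dynamic entries
being created, and the `log` keyword on rule 65000 shows in /var/log/security
which outbound connections are now being refused, which is also the quickest
way to find a service the whitelist is still missing.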







