[Shorewall-newbies] Current situation, and eventual goals

Tim Chetelat tim at progfan.com
Fri Dec 5 10:47:11 PST 2003


Everything seems to be working now!  Thank you very much for your
assistance, Francesca.  I think early on I was trying to over-think
everything.  You provided a much simpler (and correct) configuration.
Currently working on getting Apache 2.0 to work the way I want it to.  Wish
me luck, and thanks again!

Tim Chetelat
tim at progfan.com 

> Hello,
> 
> Well the two interface examples might lead you down the wrong path ..
> 
> You don't need the MASQ file in it for example ..
> 
> In Your Policy .. uncomment the following line
> 
> #fw             net             ACCEPT
> 
> And ADD the following line
> 
> loc             fw              ACCEPT
> 
> ... This will allow two things .. Your firewall can access the Net freely
> .. And You Have No Restrictions from your local zone to the FW
> 
> Then in your Rules file ..
> 
> Place the appropriate REJECT or DROP , ACCEPT rules .. To And From Each
> Zone ...
> 
> Examples:
> 
> REJECT  loc     fw      tcp     135,137         # Kill Netbios Chatter (Actual Rule Will Be More In Depth And This May Hose Samba)
> 
> REJECT  loc     fw      udp     135,139,445,593,666:765,1214,1433,1434,1728,3333,4444,5732 # Microsoft Hey My Computer Has A Worm Ports
> 
> ACCEPT  net     fw      tcp     21,22,25,80,443         # Allow Internet Access To FTP, SSH, SMTP And Web To FW
> 
> ACCEPT  net     fw      udp     53                      # I want to allow DNS queries to my box
> 
> Hope This Helps,
> 
> Francesca 
>
>
> "No Problems Only Solutions"
> Francesca C. Smith
> Lady Linux Internet Services
> fsmith at ladylinux.com
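
Added example, not part of either message and not Shorewall's own code: a small Python model of the lookup order the reply relies on, where the rules file is consulted first and the policy file decides anything no rule matches. The `all all REJECT` catch-all row is an assumption; the thread does not show the rest of the policy file.

```python
# Added illustration (not Shorewall code): rules are checked first, in order;
# a connection that matches no rule falls through to the zone policy.
POLICY = [
    ("fw", "net", "ACCEPT"),    # the line the reply says to uncomment
    ("loc", "fw", "ACCEPT"),    # the line the reply says to add
    ("all", "all", "REJECT"),   # ASSUMPTION: catch-all, not shown in the thread
]
RULES_TEXT = """\
REJECT  loc  fw  tcp  135,137          # Kill Netbios chatter
REJECT  loc  fw  udp  135,139,445,593,666:765,1214,1433,1434,1728,3333,4444,5732
ACCEPT  net  fw  tcp  21,22,25,80,443  # FTP, SSH, SMTP and web to the firewall
ACCEPT  net  fw  udp  53               # DNS queries
"""
ACTIONS = {"ACCEPT", "DROP", "REJECT"}

def parse_ports(spec):
    """Turn '135,666:765' into inclusive (low, high) ranges; ':' is a range."""
    ranges = []
    for part in spec.split(","):
        low, _, high = part.partition(":")
        ranges.append((int(low), int(high or low)))
    return ranges

def parse_rules(text):
    """Parse ACTION SOURCE DEST PROTO [PORTS] lines; '#' starts a comment."""
    rules = []
    for number, line in enumerate(text.splitlines(), 1):
        fields = line.split("#", 1)[0].split()
        if not fields:
            continue
        # A line wrapped by a mail client starts with something that is not an action.
        if fields[0] not in ACTIONS or len(fields) < 4:
            raise ValueError(f"line {number}: not a rule: {line!r}")
        ports = parse_ports(fields[4]) if len(fields) > 4 else [(0, 65535)]
        rules.append((fields[0], fields[1], fields[2], fields[3], ports))
    return rules

def verdict(rules, src, dst, proto, port):
    """Return (action, decided_by) for one new connection."""
    for action, r_src, r_dst, r_proto, ranges in rules:
        if (r_src, r_dst, r_proto) == (src, dst, proto) and any(
                low <= port <= high for low, high in ranges):
            return action, "rule"
    for p_src, p_dst, action in POLICY:
        if p_src in (src, "all") and p_dst in (dst, "all"):
            return action, "policy"
    raise LookupError(f"no policy for {src} -> {dst}")

RULES = parse_rules(RULES_TEXT)
```

For instance, `verdict(RULES, "loc", "fw", "tcp", 22)` is decided by the `loc fw ACCEPT` policy, while `verdict(RULES, "loc", "fw", "tcp", 135)` is decided by the first REJECT rule.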




