[Shorewall-newbies] firewall setup error help! please! asap

Sterling Martin oilfield123 at hotmail.com
Mon Dec 8 01:41:23 PST 2003


This file determines your network zones. Columns are:
#
#       ZONE            Short name of the zone (5 Characters or less in length).
#       DISPLAY         Display name of the zone
#       COMMENTS        Comments about the zone
#
#ZONE   DISPLAY         COMMENTS
net     Net             Internet
loc     Local           Local networks
#LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE

this is what the zone file has....

interfaces ....

##############################################################################
#ZONE    INTERFACE      BROADCAST       OPTIONS
net     eth0            detect          dhcp,routefilter,norfc1918
loc     eth1            detect
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE



policy file


###############################################################################
#SOURCE         DEST            POLICY          LOG LEVEL       LIMIT:BURST
loc             net             ACCEPT
net             loc             ACCEPT
# If you want open access to the Internet from your Firewall
# remove the comment from the following line.
fw             net             ACCEPT
#net            all             DROP            ULOG
all             all             REJECT          ULOG
#net            fw              DROP    icmp    8
#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE




and here is the rules file..... does it look right to you.... 
pleasssssssssssse feel free to comment on how to make it better.... i would 
like to be able to make it so that people can only ftp to one port or ip 
address on one server but not sure how that's done cause as you can see it's 
wide open "per se"


any help would be greatly appreciated... :)


sheldon





>Hello,
>
>Does this firewall have the ability to have what is known as a "DMZ" zone
>.. ??
>
>(Requires Extra Interface) .. Because I am not totally sure what is in
>the "LOC" zone .. but if you use a DMZ .. you will have isolation .. And
>greater security ..
>
>Francesca
>
>PS: Please Reply To All So The List Gets The Thread
>
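
An added example, not part of the original post or of the Shorewall project's sample files: one way to narrow the posted policy so that the Internet can reach only FTP on a single internal server, shown as the policy and rules files together. It assumes the FTP server sits in `loc` behind NAT; 192.168.1.5 and 203.0.113.10 are constructed addresses.

```conf
# /etc/shorewall/policy
# The first matching line wins, so the posted "net loc ACCEPT" exposed every
# local host to the Internet. Here net falls through to DROP instead, which
# is the line that was commented out in the posted file.
#SOURCE         DEST            POLICY          LOG LEVEL       LIMIT:BURST
loc             net             ACCEPT
fw              net             ACCEPT
net             all             DROP            ULOG
all             all             REJECT          ULOG
#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE

# /etc/shorewall/rules
# Rules are the exceptions to the policy above. Only FTP control traffic
# (tcp/21) is forwarded, and only to one server (constructed address).
#ACTION  SOURCE              DEST              PROTO   DEST PORT(S)
DNAT     net                 loc:192.168.1.5   tcp     21
# Variant: also restrict which client may connect (constructed address).
#DNAT    net:203.0.113.10    loc:192.168.1.5   tcp     21
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
```

`shorewall check` validates the edited files before `shorewall restart` applies them.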



