[Shorewall-newbies] firewall setup error help! please! asap

Sterling Martin oilfield123 at hotmail.com
Mon Dec 8 01:42:53 PST 2003

ooooooooops I forgot to add the rules file in .....;(

#       Accept DNS connections from the firewall to the network
ACCEPT          fw              net             tcp     53
ACCEPT          fw              net             udp     53

ACCEPT          net             loc             tcp     53
ACCEPT          net             loc             udp     53

#       Accept SSH connections from the local network for administration
ACCEPT          loc             fw              tcp     22
#ACCEPT         net:              fw              tcp     22
#ACCEPT         net:              fw              tcp     22
ACCEPT          net:               fw              tcp     22

#Uncomment and provide the correct source IP for port scans
#ACCEPT         net:              loc             tcp     -
#ACCEPT         net:              loc             udp     -

#       Allow Ping From Firewall
#ACCEPT          loc             fw              icmp    8
#ACCEPT          net             fw              icmp    8
ACCEPT           fw              loc             icmp    8
ACCEPT           fw              net             icmp    8
# Bering specific rules:
# allow loc to fw udp/53 for dnscache to work
# allow loc to fw tcp/80 for weblet to work
ACCEPT          loc       fw            udp     53
ACCEPT          loc       fw            tcp     80

#ITS Group open ports
# org settings these 2 lines
ACCEPT          net     loc             tcp     25
ACCEPT          net     loc             udp     25

# org settings these 2 lines
ACCEPT          net     loc             tcp     25
ACCEPT          net     loc             udp     25

#smtp my version
#ACCEPT         net     loc:        tcp     25
#ACCEPT         net     loc:        tcp     25
#ACCEPT         NET     LOC:        TCP     25

ACCEPT          net     loc             tcp     80
ACCEPT          net     loc             udp     80

ACCEPT          net     loc             tcp     110
ACCEPT          net     loc             udp     110

ACCEPT          net     loc             tcp     143
ACCEPT          net     loc             udp     143

ACCEPT          net     loc             tcp     443
ACCEPT          net     loc             udp     443

#MS-Terminal Server
ACCEPT          net     loc             tcp     3389
ACCEPT          net     loc             udp     3389

ACCEPT          net     loc             tcp     5900
ACCEPT          net     loc             udp     5900

# drop icmp and block sql and mailserver and dns
DROP            net     fw              icmp    8
DROP            net     loc:        all
DROP            net     loc:        all

>Does this firewall have the ability to have what is known as a "DMZ" zone
>.. ??
>(Requires Extra Interface) .. Because I am not totally sure what is in
>the "LOC" zone .. but if you use a DMZ .. you will have isolation .. And
>greater security ..
>PS: Please Reply To All So The List Gets The Thread
