[Shorewall-newbies] firewall setup error help! please! asap

Sterling Martin oilfield123 at hotmail.com
Mon Dec 8 01:42:53 PST 2003


Ooooooooops, I forgot to add the rules file in ..... ;(



#       Accept DNS connections from the firewall to the network
#
ACCEPT          fw              net             tcp     53
ACCEPT          fw              net             udp     53


#DNS
ACCEPT          net             loc             tcp     53
ACCEPT          net             loc             udp     53


#
#       Accept SSH connections from the local network for administration
#
ACCEPT          loc             fw              tcp     22
#ACCEPT         net:205.206.12.242              fw              tcp     22
#ACCEPT         net:205.206.12.245              fw              tcp     22
ACCEPT          net:24.67.168.252               fw              tcp     22

#Uncomment and provide the correct source IP for port scans
#ACCEPT         net:205.206.12.242              loc             tcp     -
#ACCEPT         net:205.206.12.245              loc             udp     -


#       Allow Ping From Firewall
#
#ACCEPT          loc             fw              icmp    8
#ACCEPT          net             fw              icmp    8
ACCEPT           fw              loc             icmp    8
ACCEPT           fw              net             icmp    8
#
# Bering specific rules:
# allow loc to fw udp/53 for dnscache to work
# allow loc to fw tcp/80 for weblet to work
#
ACCEPT          loc       fw            udp     53
ACCEPT          loc       fw            tcp     80


#ITS Group open ports
#SMTP
# org settings these 2 lines
ACCEPT          net     loc             tcp     25
ACCEPT          net     loc             udp     25




#SMTP
# org settings these 2 lines
ACCEPT          net     loc             tcp     25
ACCEPT          net     loc             udp     25

#smtp my version
#ACCEPT         net     loc:64.141.50.30        tcp     25
#ACCEPT         net     loc:64.141.50.16        tcp     25
#ACCEPT         NET     LOC:64.141.50.17        TCP     25


#HTTP
ACCEPT          net     loc             tcp     80
ACCEPT          net     loc             udp     80

#POP
ACCEPT          net     loc             tcp     110
ACCEPT          net     loc             udp     110

#IMAP
ACCEPT          net     loc             tcp     143
ACCEPT          net     loc             udp     143



#SSL
ACCEPT          net     loc             tcp     443
ACCEPT          net     loc             udp     443

#MS-Terminal Server
ACCEPT          net     loc             tcp     3389
ACCEPT          net     loc             udp     3389

#VNC
ACCEPT          net     loc             tcp     5900
ACCEPT          net     loc             udp     5900

# drop icmp and block sql and mailserver and dns
DROP            net     fw              icmp    8
DROP            net     loc:64.141.50.27        all
DROP            net     loc:64.141.50.15        all
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE










>Hello,
>
>Does this firewall have the ability to have what is know as a "DMZ" zone
>.. ??
>
>(Requires Extra Interface) .. Because I am not totally sure what is in
>the "LOC" zone .. but if you use a DMZ .. you will have isolation .. And
>greater security ..
>
>Francesca
>
>PS: Please Reply To All So The List Gets The Thread
>
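An order and duplicate check for a rules file like the one posted above, as an added example that is not part of the original message and not Shorewall's own code. Shorewall evaluates the rules file top to bottom and the first matching rule decides, so a later DROP cannot take back traffic an earlier ACCEPT already allowed. The function names and the simplified matching (no port lists or ranges) are assumptions of this sketch.

```python
# Added example: order/duplicate audit for a Shorewall rules file (not Shorewall code).
# Constructed sample: a subset of the rules posted above (ACTION SOURCE DEST PROTO PORT).
SAMPLE_RULES = """\
ACCEPT  net  loc  tcp  25
ACCEPT  net  loc  udp  25
ACCEPT  net  loc  tcp  25
ACCEPT  net  loc  tcp  3389
DROP    net  fw   icmp 8
DROP    net  loc:64.141.50.27  all
"""

def parse_rules(text):
    """Return (lineno, action, src, dst, proto, port) for each active rule."""
    rules = []
    for lineno, line in enumerate(text.splitlines(), 1):
        fields = line.split("#", 1)[0].split()   # strip comments
        if len(fields) < 3:
            continue                             # blank, comment or malformed
        fields += ["-"] * (5 - len(fields))      # PROTO and PORT are optional
        action, src, dst, proto, port = fields[:5]
        rules.append((lineno, action.upper(), src.lower(), dst.lower(), proto.lower(), port))
    return rules

def zone_covers(general, specific):
    """A bare zone ("loc") covers any host in it ("loc:64.141.50.27")."""
    return general in ("all", specific) or (
        ":" not in general and specific.split(":", 1)[0] == general)

def field_covers(general, specific):
    """PROTO/PORT: "all" or "-" matches anything (assumption: no lists or ranges)."""
    return general in ("all", "-") or general == specific

def overlaps(a, b):
    return field_covers(a, b) or field_covers(b, a)

def audit(rules):
    """Flag exact duplicates and rules whose traffic an earlier, different action decides."""
    findings = []
    for i, (ln, act, src, dst, proto, port) in enumerate(rules):
        for eln, eact, esrc, edst, eproto, eport in rules[:i]:
            if (eact, esrc, edst, eproto, eport) == (act, src, dst, proto, port):
                findings.append((ln, "duplicate", eln))
                break
            if (eact != act and zone_covers(esrc, src) and zone_covers(edst, dst)
                    and overlaps(eproto, proto) and overlaps(eport, port)):
                full = field_covers(eproto, proto) and field_covers(eport, port)
                findings.append((ln, "shadowed" if full else "partly-overridden", eln))
                break
    return findings

if __name__ == "__main__":
    for ln, kind, earlier in audit(parse_rules(SAMPLE_RULES)):
        print(f"line {ln}: {kind} by line {earlier}")
```

A "partly-overridden" finding means the earlier rule wins for the traffic both rules match; moving the host-specific DROP above the zone-wide ACCEPT rules makes it take effect for that host.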



