[Shorewall-newbies] firewall setup error help! please! asap

Sterling Martin oilfield123 at hotmail.com
Mon Dec 8 03:32:50 PST 2003

thanks guys ... i can see you understand my situation and are REALLY trying 
to help me, i appreciate that and YES....... i DIDN'T set this up...some 
other "expert" installed it and i'm trying to put the pieces together so i 
have some semblance of security :)

and yes they are public ip's on the "loc" zone.... so if i understand you 
correctly i should just comment out these lines in the policy file and  then 
explicitly "allow" them in my rules file right?

hmmmmmm, that would also explain why when i tried a few rules it made no 

ps ... you keep mentioning about a dmz zone is better for security .... how 
does that work..... i do have 2 nic's in my server right now... how would 
you suggest i change that....

could you "spell out a rule i could use to allow ftp access to my webserver 
in the loc zone.... no i don't have a dmz zone.....:)

> > Ok. The policy file you have created makes most of your rules
> > obsolete.
> >
> >  >loc             net             ACCEPT
> >  >net             loc             ACCEPT
> >
> > the above allows all traffic between your loc and net zones!!!! thus,
> > any net2loc or loc2net rules are useless. This is a good way to get
> > hacked. If you had windows boxes in the loc zone, I bet they did get
> > hacked.
> >
> >  > # remove the comment from the following line.
> >  > fw             net             ACCEPT
> >
> >
>Lets be fair .. Looks like some one with out a clue set this up ( The
>Original Person not Sterling  ) .. And this is newbies .. (I would grab
>at least the two interface examples and work from there)
>And yes .. lose all the shorewall files .. reload .. slash and burn ..

Winterize your home with tips from MSN House & Home. 

More information about the Shorewall-newbies mailing list