[Shorewall-users] ports 'closed', not 'blocked'???

Tom Eastep teastep@shorewall.net
Mon, 29 Apr 2002 05:52:21 -0700 (PDT)

On Mon, 29 Apr 2002, Roy Barkas wrote:

> Using Shorewall v1.2, and testing the firewall using scan.sygate.com, I
> am informed that several ports (web (80), ident (113) and DCE locator
> (135) are 'closed' rather than 'blocked'.
> All other ports show as blocked or 'stealthed'.
> I haven't set up any rules or policies that have anything to do with 80,
> 113 or 135. 
> Is this normal shorewall behaviour or have I possibly mis-configured
> something?

I suspect that your ISP is blocking port 80 -- The default Shorewall 
rules file in the samples REJECTS port 113 and I recommend that you leave 
it that way to avoid problems connecting to some services. The common.def 
file rejects port 135.
> By the way, I've been playing with a variety of Linux firewall tools for
> several years and Shorewall is by far the best working, best documented,
> best supported that I have seen.  I can and will unreservedly recommend
> it anytime.  Thanks to all of you who have developed or supported
> Shorewall - good job!

Tom Eastep    \ Shorewall - iptables made easy
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net