Kevin Curran <[EMAIL PROTECTED]> wrote:

> I have a cable modem and I'm using 4.9 as a NAT router for my home
> network.  I have 4 rules in my ipfw config.  The first enables NAT and
> the last is 65000 allow any to any.
> In between I ha 2 rules to deny access to ports 53 and 110 on the
> Internet side.  That's all.  
> Here's my thinking: I use inetd.conf to enable only the services I want,
> therefore the ports on which those services are listening I would want
> open.  The two other ports I want to filter on the WAN side are filtered
> by the rules above.  All the other ports are closed, anyway, so why
> spend time debugging an elaborate rule set?

Check the output of "sockstat -4" to ensure that you don't have anything running
that you aren't aware of ... syslogd is a typical culpret.  You'll probably
have to add syslogd_flags="-ss" to /etc/rc.conf

Otherwise, you're probably good, execpt that there are some spoofing techniques
that may be able to get around such a ruleset.  That's beyond my expertise,

Bill Moran
Potential Technologies
[EMAIL PROTECTED] mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to