Kevin Curran <[EMAIL PROTECTED]> wrote:
> I have a cable modem and I'm using 4.9 as a NAT router for my home
> network. I have 4 rules in my ipfw config. The first enables NAT and
> the last is 65000 allow any to any.
>
> In between I have 2 rules to deny access to ports 53 and 110 on the
> Internet side. That's all.
>
> Here's my thinking: I use inetd.conf to enable only the services I want,
> therefore the ports on which those services are listening I would want
> open. The two other ports I want to filter on the WAN side are filtered
> by the rules above. All the other ports are closed, anyway, so why
> spend time debugging an elaborate rule set?
Check the output of "sockstat -4" to ensure that you don't have anything
running that you aren't aware of ... syslogd is a typical culprit. You'll
probably have to add syslogd_flags="-ss" to /etc/rc.conf

Otherwise, you're probably good, except that there are some spoofing
techniques that may be able to get around such a ruleset. That's beyond
my expertise, however.

-- 
Bill Moran
Potential Technologies
http://www.potentialtech.com

_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
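The following is an added example, not code posted by Kevin or Bill. It reconstructs the four-rule ipfw set Kevin describes (NAT divert first, two WAN-side denies, catch-all allow at 65000) and turns Bill's "check sockstat -4" advice into a small script that lists listening sockets and flags a syslogd that is bound to a UDP port. Assumptions: FreeBSD 4.x ipfw syntax with natd on its default divert port, an external interface named "xl0", and that "ports 53 and 110" means DNS (tcp/udp 53) and POP3 (tcp 110). The sockstat output embedded below is constructed for the example, not captured from a real machine.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes FreeBSD 4.x ipfw1 syntax,
# natd on its default divert port, and an external interface "xl0".

# Emit the ruleset described in the question: divert to natd first,
# deny DNS and POP3 arriving on the WAN side, then allow everything else.
build_ruleset() {
    ext_if="$1"
    cat <<EOF
ipfw -f flush
ipfw add 100 divert natd all from any to any via ${ext_if}
ipfw add 200 deny udp from any to any 53 in via ${ext_if}
ipfw add 210 deny tcp from any to any 53,110 in via ${ext_if}
ipfw add 65000 allow ip from any to any
EOF
}

# Constructed sample of "sockstat -4" output (assumption: column layout
# USER COMMAND PID FD PROTO LOCAL FOREIGN). syslogd bound to udp4 *:514
# is exactly the case Bill warns about; fetchmail is an outbound client.
SAMPLE_SOCKSTAT='USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     sshd       142    4 tcp4   *:22                  *:*
root     syslogd    98     4 udp4   *:514                 *:*
root     inetd      150    5 tcp4   *:21                  *:*
kevin    fetchmail  301    3 tcp4   192.168.1.1:1025      1.2.3.4:110'

# Print "COMMAND PROTO LOCAL" for every socket whose foreign address is
# *:* , i.e. a socket waiting for input rather than an established
# connection. Those are the ports the "allow any to any" rule exposes.
listening_sockets() {
    printf '%s\n' "$1" | awk 'NR > 1 && $7 == "*:*" { print $2, $5, $6 }'
}

# True (exit 0) when syslogd holds a UDP socket: without -ss it will
# accept log messages from the network, so the catch-all allow lets
# anyone on the Internet side write to your logs.
syslogd_listens() {
    listening_sockets "$1" |
        awk '$1 == "syslogd" && $2 ~ /^udp/ { found = 1 } END { exit !found }'
}

# Stand-alone demo on the constructed sample.
listening_sockets "$SAMPLE_SOCKSTAT"
if syslogd_listens "$SAMPLE_SOCKSTAT"; then
    echo 'syslogd listens on the network: add syslogd_flags="-ss" to /etc/rc.conf'
fi
```

Run it on a real box by replacing the constructed sample with `listening_sockets "$(sockstat -4)"`; anything that shows up there and is not in inetd.conf is reachable from the WAN under the ruleset above unless a deny rule precedes 65000.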