I've been working on the firewall again... it seems that most of the
headaches are coming from DNS.  I have to allow:

* DNS lookups:
   1a. from the firewall to an external server (TCP)
   1b. from the firewall to an external server (UDP)
   2a. from the inside net to an external server (TCP)
   2b. from the inside net to an external server (UDP)
   3a. from outside to the server on the firewall (TCP)
   3b. from outside to the server on the firewall (UDP)
* DNS server responses:
   1a. from the firewall server to outside (TCP)
   1b. from the firewall server to outside (UDP)
   2a. from a server outside the firewall to the firewall (TCP)
   2b. from a server outside the firewall to the firewall (UDP)
   3a. from a server outside the firewall to the inside (TCP)
   3b. from a server outside the firewall to the inside (UDP)
* DNS server to server communications:
   1a. from the firewall server to an outside server (TCP)
   1b. from the firewall server to an outside server (UDP)

See what I mean about headaches?

_______________________________________________
Leaf-devel mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/leaf-devel
