Re: ipfwadm rule

1999-11-02 Thread Damon Muller
Hi,

There is a modular firewall shell-script called gmmf that should do what
you are after. It's pretty simple to set up, and denies all ports by
default, and requires you to open any specific ports you want to use.

Have a search on http://freshmeat.net for gmmf to find it.

Cheers,

damon


On Fri, Oct 29, 1999 at 08:41:37PM +0200, Pere Camps was heard to state:
 Hi!
 
  set your default policies to DENY (instead of ACCEPT) and try again
  ..everything will be blocked except what you specifically state should be
  allowed in (dont try this from remote! you may lose access to the machine)
 
   I've already tried that way, but it doesn't work out the way I
 like it.
 
 -- p.
 
 
 -- 
 Unsubscribe?  mail -s unsubscribe [EMAIL PROTECTED]  /dev/null
 
 

-- 
Damon Muller ([EMAIL PROTECTED]) /  It's not a sense of humor.
* Criminologist /  It's a sense of irony
* Webmeister   /  disguised as one.
* Linux Geek  / - Bruce Sterling 


ipfwadm rule

1999-10-29 Thread Pere Camps
Hi!

I'm trying to set up my home box (connected via PPP to the
internet) to do the following:

a) Deny everything incoming (tcp,udp,icmp)
b) Accept only DNS udp connections
c) Accept incoming tcp data for only the connections that I have
initiated.

So far I've got this working:

a) no problem
b) I accept udp connections from the domain port to the 1024:65535
c) I accept tcp connections from any port that's below 1024

Problems:
c) They can still telnet me if doing it as root. The same for b).

Does anybody know the right ipfwadm rule for what I want and even
if this setup is possible?

TIA!

-- p.


Re: ipfwadm rule

1999-10-29 Thread aphro
set your default policies to DENY (instead of ACCEPT) and try again
..everything will be blocked except what you specifically state should be
allowed in (dont try this from remote! you may lose access to the machine)

(use ipfwadm -p DENY)

nate

--[mailto:[EMAIL PROTECTED]]--
   Vice President Network Operations    http://www.firetrail.com/
  Firetrail Internet Services Limited   http://www.aphroland.org/
   Everett, WA 425-348-7336             http://www.linuxpowered.net/
Powered By:                             http://comedy.aphroland.org/
Debian 2.1 Linux 2.0.36 SMP             http://yahoo.aphroland.org/
--[mailto:[EMAIL PROTECTED]]--

On Fri, 29 Oct 1999, Pere Camps wrote:

 Hi!
 
   I'm trying to set up my home box (connected via PPP to the
 internet) to do the following:
 
   a) Deny everything incoming (tcp,udp,icmp)
   b) Accept only DNS udp connections
   c) Accept incoming tcp data for only the connections that I have
 initiated.
 
   So far I've got this working:
 
   a) no problem
   b) I accept udp connections from the domain port to the 1024:65535
   c) I accept tcp connections from any port that's below 1024
 
   Problems:
   c) They can still telnet me if doing it as root. The same for b).
 
   Does anybody know the right ipfwadm rule for what I want and even
 if this setup is possible?
 
   TIA!
 
 -- p.
 
 


Re: ipfwadm rule

1999-10-29 Thread Pere Camps
Hi!

 set your default policies to DENY (instead of ACCEPT) and try again
 ..everything will be blocked except what you specifically state should be
 allowed in (dont try this from remote! you may lose access to the machine)

I've already tried that way, but it doesn't work out the way I
like it.

-- p.


ipfwadm rule

1999-10-29 Thread Pere Camps
Hi!

Finally I got the question from my previous message working. I
had to deny only the packets with the SYN set.

-- p.
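Putting the thread's two pieces together, aphro's default-DENY input policy and Pere's fix of treating SYN-bearing TCP specially, here is an ipfwadm (Linux 2.0.x) ruleset for the three goals in the original post. This is an added example, not a script from any of the posters. Assumed and not from the thread: the external interface is ppp0, the resolver is the placeholder address 192.0.2.53 (substitute your own), and the IPFWADM variable, which lets you dry-run the script with IPFWADM=echo and inspect the rules before loading them. The ICMP rules go beyond the poster's goal (a), for the reason given in the comment.

```shell
# Added example, not code from the thread. ipfwadm (Linux 2.0.x) input-chain
# rules for a host on a PPP link that wants:
#   (a) everything incoming denied by default,
#   (b) DNS replies (UDP) accepted,
#   (c) inbound TCP accepted only for connections this host initiated.
# Assumed, not from the thread: external interface ppp0, resolver address
# 192.0.2.53 (a documentation address, substitute your own), and the
# IPFWADM variable, which lets you dry-run with IPFWADM=echo.

IPFWADM="${IPFWADM:-ipfwadm}"
EXTIF="${EXTIF:-ppp0}"
NAMESERVERS="${NAMESERVERS:-192.0.2.53}"

apply_input_rules() {
    # Flush old input rules, then fail closed: policy DENY on the input chain.
    # The chain flag (-I) is required alongside -p.
    "$IPFWADM" -I -f
    "$IPFWADM" -I -p deny

    # Loopback stays open; a default-deny input chain otherwise breaks local
    # services that talk to 127.0.0.1.
    "$IPFWADM" -I -a accept -W lo -S 0/0 -D 0/0

    # (b) DNS replies: UDP from a known resolver's port 53 to our unprivileged
    # ports. Keying the rule on the resolver address, not just "source port
    # 53", matters: root on any remote host can bind port 53 and would
    # otherwise reach every high port here.
    for ns in $NAMESERVERS; do
        "$IPFWADM" -I -a accept -P udp -W "$EXTIF" -S "$ns" 53 -D 0/0 1024:65535
    done

    # (c) TCP: -k matches only segments with ACK set, i.e. traffic on a
    # connection that already exists. A new inbound request is a SYN without
    # ACK, so it falls through to the DENY policy. Same effect as the thread's
    # "deny the packets with SYN set" (ipfwadm -y), stated as an accept rule
    # under a deny policy. Source port no longer matters, so a remote root
    # binding a port below 1024 gains nothing.
    "$IPFWADM" -I -a accept -P tcp -k -W "$EXTIF" -S 0/0 -D 0/0

    # Beyond the poster's (a): ICMP echo-reply (0), destination unreachable (3)
    # and time-exceeded (11) are replies to our own traffic; dropping type 3 in
    # particular breaks path-MTU discovery on PPP links. For -P icmp, ipfwadm
    # reads the source "port" field as the ICMP type.
    for t in 0 3 11; do
        "$IPFWADM" -I -a accept -P icmp -W "$EXTIF" -S 0/0 "$t" -D 0/0
    done

    # Explicit final deny with -o so that anything the policy would drop is
    # logged to the kernel log; the default policy itself does not log.
    "$IPFWADM" -I -a deny -P all -W "$EXTIF" -S 0/0 -D 0/0 -o
}

# Load the rules only as root with the tool present; otherwise print them.
if [ "$(id -u)" -ne 0 ] || ! command -v "$IPFWADM" >/dev/null 2>&1; then
    IPFWADM=echo
fi
apply_input_rules
```

Run it once on the console, not over the PPP link, for the reason aphro gives: with the policy set to DENY before the accept rules are in place, a remote session is cut off the moment `ipfwadm -I -p deny` runs. The -k rule accepts any ACK-bearing segment, so it stops connection establishment, not every probe; a scanner can still send ACK-only packets at closed ports and read the resulting RSTs, which is why the final rule logs with -o.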