Sanity-check for my (working) ipfw rules please...

2006-07-10 Thread Ensel Sharon
My individual hosts have a set of firewall rules on each of them that looks like this: /sbin/ipfw add 00010 allow ip from any to any via lo0 /sbin/ipfw add 00020 deny ip from any to 127.0.0.0/8 /sbin/ipfw add 00100 count ip from any to any via em0 in /sbin/ipfw add 00100 count ip from any to

Re: Sanity-check for my (working) ipfw rules please...

2006-07-10 Thread Chuck Swiger
Ensel Sharon wrote: [ ... ] Two questions: is it appropriate to have line 01000 above all of my bad-behavior lines? established means ACK and not SYN, basically. Your bad behavior rules wouldn't really match anything which matches established, but it's probably better to block known-bad

Re: Sanity-check for my (working) ipfw rules please...

2006-07-10 Thread Nick Withers
On Mon, 10 Jul 2006 18:38:51 -0400 (EDT) Ensel Sharon [EMAIL PROTECTED] wrote: My individual hosts have a set of firewall rules on each of them that looks like this: /sbin/ipfw add 00010 allow ip from any to any via lo0 /sbin/ipfw add 00020 deny ip from any to 127.0.0.0/8 /sbin/ipfw

Re: Sanity-check for my (working) ipfw rules please...

2006-07-10 Thread Nick Withers
On Tue, 11 Jul 2006 13:16:21 +1000 Nick Withers [EMAIL PROTECTED] wrote: On Mon, 10 Jul 2006 18:38:51 -0400 (EDT) Ensel Sharon [EMAIL PROTECTED] wrote: My individual hosts have a set of firewall rules on each of them that looks like this: (snip) Second, are there any other