'Re: [IPCop-user] New 2.x install & setup issue'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipcop-user
Subject:    Re: [IPCop-user] New 2.x install & setup issue
From:       john s wolter <johnswolter () wolterworks ! com>
Date:       2011-10-17 3:38:05
Message-ID: CANwh-foxz_b5H5=WTvkWxr5syVS0A7j-3JN8g+QjtMdudP7Uag () mail ! gmail ! com
[Download RAW message or body]

It appears my question needs to change based on the thread's answer.  I
looked at the table you cited at
http://www.ipcop.org/2.0.0/en/admin/html/firewall-traffic.html.  The table
has four columns listing source, policy, destination, blank label, &
rule-type.

Based on the table I don't need these manually entered rules for client
computers?
Outgoing Traffic:
Iface.......SourceNet......Iface....Destination..Service
GREEN..Green Network..Red...Any.............http
GREEN..Green Network..Red...Any.............https
GREEN..Green Network..Red...Any.............ftp
GREEN..Green Network..Red...Any.............Ping
GREEN..Green Network..Red...Any.............ssh
GREEN..Green Network..Red...Any.............domain
GREEN..Green Network..Red...Any.............daytime
GREEN..Green Network..Red...Any.............nntp
GREEN..Green Network..Red...Any.............imap
GREEN..Green Network..Red...Any.............sftp
GREEN..Green Network..Red...Any.............traceroute
GREEN..Green Network..Red...Any.............smtp
GREEN..Green Network..Red...Any.............telnet

What about the reverse travel of packets(ssh, ssh-VNC, web server)?

What are the purposes of Policy and Rule-Type?

What are the implications of the making changes in the Firewall Settings?

Where is this policy setup discussed in the manual?

As suggested on the web site there is a real difference in how the IPCop
works.

Cheers,
John S Wolter

On Sun, Oct 16, 2011 at 7:57 PM, Nathan D <nathand@ii.net> wrote:

> All interface details can be found here -
> http://www.ipcop.org/2.0.0/en/admin/html/firewall-traffic.html
> Green to Red is open by default i.e. nothing needs to be configured to get
> computers to connect to the Internet.
>
> regards,
>  Nathan.
>
> On 17 October 2011 04:13, john s wolter <johnswolter@wolterworks.com>wrote:
>
>> It appears that the new install of 2.x does not have any Green to Red
>> ports
>> open at the start.  The admin is then required to enter one service port
>> rule at a time for the services that I might want the Greens to access.
>>  I'm
>> I reading that wrong?  Is there a set of Green to the Internet rules in
>> place already?  Do I have to open the likes of HTTP(S), (S)FTP, PING, etc
>> for Green hosts?  I did not see among the GUI menus a way to see any
>> preset
>> rules.
>>
>> If so I want to suggest some pre-configured Service Groups be created to
>> reflect standard services typical user profiles.  That would also imply a
>> way to load and activate them.
>>
>> Cheers,
>> John S Wolter
>>
>> ------------------------------------------------------------------------------
>>
>
>
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2d-oct
_______________________________________________
IPCop-user mailing list
IPCop-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ipcop-user

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic