'Re: port blocking question'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    Re: port blocking question
From:       Bill Meigs <bmeigs () mminternet ! com>
Date:       2000-04-30 2:51:27
[Download RAW message or body]


re: > anyone see anything bad here ?

Yep. 

Have you read the "IP Filter Based Firewalls HOWTO"?

http://www.obfuscation.org/ipf/ipf-howto.txt

It's a very comprehensive tutorial.

Jason Mori wrote:

> 
> Well I got it on my own:
> 
> #
> block in all
> block out all
> block in on lo0 from localhost to any
> block in all with frag
> block in proto tcp all with short
> block in log all with ipopts
> block in quick all with opt lsrr
> block in quick all with opt ssrr
> block in on hme0 proto icmp from any to any icmp-type unreach code 3
> #
> pass out on hme0 proto udp from any to any port = domain keep state
> pass in on hme0 from 12.16.245.0/24 to any
> pass in on hme0 from 204.62.245.0/24 to any
> pass in on hme0 from 24.16.19.0/24 to any
> pass in on hme0 from 24.0.26.116/24 to any
> pass out on hme0 proto tcp from any to any port = ssh keep state
> pass out on hme0 proto tcp from any to any port = sunrpc keep state
> pass out on hme0 proto tcp from any to any port = http keep state
> pass out on hme0 proto tcp from any to any port = 6000 keep state
> pass out on hme0 proto tcp from any to any port = 6667 keep state
> pass out on hme0 proto tcp from any to any port = 32771 keep state
> pass out on hme0 proto tcp from any to any port = 32772 keep state
> pass in on hme0 proto tcp from any to any port = ssh keep state
> pass in on hme0 proto tcp from any to any port = sunrpc keep state
> pass in on hme0 proto tcp from any to any port = http keep state
> pass in on hme0 proto tcp from any to any port = 6000 keep state
> pass in on hme0 proto tcp from any to any port = 6667 keep state
> pass in on hme0 proto tcp from any to any port = 32771 keep state
> pass in on hme0 proto tcp from any to any port = 32772 keep state
> pass in on hme0 proto icmp from any to any icmp-type echo
> pass in on hme0 proto icmp from any to any icmp-type echorep
> pass in proto tcp/udp from any to any port 514 <> 515
> 
> anyone see anything bad here ?
> 
> Have a nice day, and remember, be careful out there...
> 
> Jason Mori

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic