'Log file getting enormous, why? (OOPS)'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    Log file getting enormous, why? (OOPS)
From:       "David J. Kanter" <david.kanter () mindspring ! com>
Date:       2000-08-26 16:18:01
[Download RAW message or body]

Sorry, I forgot to attach the firewall rules to that last message.
-- 
David Kanter

["firewall.rules" (text/plain)]

#DEFINES GROUPS
block in on tun0 all			head 100
pass out on tun0 all			head 200
block in on xl0 all			head 300
pass out on xl0 all			head 400

#ALLOW TRAFFIC TO TRAVERSE LOOPBACK
pass in on lo0 all
pass out on lo0 all

#BLOCK & LOG SOURCE-ROUTED, and or SHORT PACKETS TUN
block in log quick on tun0 from any to any with opt ssrr         group 100
block in log quick on tun0 from any to any with opt lsrr         group 100
block in log quick on tun0 from any to any with ipopts           group 100
block in log quick on tun0 from any to any with short            group 100

#ICMP TUN
block in log quick on tun0 proto icmp from any to any            group 100

#BLOCK NON ROUTEABLES FROM OUTSIDE TUN
block in log quick on tun0 from 192.168.0.0/16 to any            group 100
block in log quick on tun0 from 10.0.0.0/8 to any                group 100
block in log quick on tun0 from 172.16.0.0/12 to any             group 100

#ALL ELSE FAILS, JUST BLOCK IT TUN
block in log quick on tun0 from any to any                       group 100


#BLOCK & LOG SOURCE-ROUTED, and or SHORT PACKETS XL
block in log quick on xl0 from any to any with opt ssrr         group 300
block in log quick on xl0 from any to any with opt lsrr         group 300
block in log quick on xl0 from any to any with ipopts           group 300
block in log quick on xl0 from any to any with short            group 300

#ICMP XL
block in log quick on xl0 proto icmp from any to any            group 300

#BLOCK NON ROUTEABLES FROM OUTSIDE XL
block in log quick on xl0 from 192.168.0.0/16 to any            group 300
block in log quick on xl0 from 10.0.0.0/8 to any                group 300
block in log quick on xl0 from 172.16.0.0/12 to any             group 300

#ALL ELSE FAILS, JUST BLOCK IT XL
block in log quick on xl0 from any to any                       group 300


#OUTBOUND TRAFFIC
pass out quick on tun0 proto tcp/udp from any to any keep state               group 200
pass out quick on tun0 proto icmp from any to any keep state                  group 200

pass out quick on xl0 proto tcp/udp from any to any keep state               group 400
pass out quick on xl0 proto icmp from any to any keep state                  group 400


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic