Firewal Rules

To: "Debian - Firewall" <debian-firewall@lists.debian.org>
Subject: Firewal Rules
From: "Cassandra Ludwig" <illiath@bigpond.net.au>
Date: Fri, 18 May 2001 08:49:41 +1000
Message-id: <[🔎] 001f01c0df23$a9099200$0afaa8c0@cass>
Reply-to: "Cassandra Ludwig" <illiath@bigpond.net.au>

I have an interesting little problem here.

I want to as a default REJECT all packets from my firewall's external
interface, and then allow in only certain packets.  I have already written
rules to allow in the services I am running on the firewall (like http,
http-secure, smtp, imap, pop3, etc.), however it seems that I need to add in
a never-ending list of ports to allow the windows machines behind the
firewall full access to their response packets.  My biggest concern with
that is that with some of them (ICQ for one) the ports are more often than
not dynamic...  My real question here is, how would I go about allowing the
windows machine(s) behind the firewall to receive full responses from the
internet without returning the firewall back to it's previous default state
of ACCEPT.  There are so many ports under 1024 that I want to block off from
external use, and I do not personally feel like blocking all 1010 (or
whatever) ports manually.

Regards,
    Cassandra

Reply to:

Follow-Ups:
- Re: Firewal Rules
  - From: "Eric N. Valor" <eric.valor@lutris.com>
- Re: Firewal Rules
  - From: alburrow@cs.adelaide.edu.au
- Re: Firewal Rules
  - From: Roger Gregory <godot@mindspring.com>

Prev by Date: Re: using public ip addresses in DMZ: how to route in small subnet?
Next by Date: Re: server periodically dissapears
Previous by thread: Re: server periodically dissapears
Next by thread: Re: Firewal Rules
Index(es):
- Date
- Thread