On Fri, 04 Jun 1999 09:49:02 -0400, you wrote:
>The best way to design a filter like ipfwadm is to begin by denying all
>services (ipfwadm is something like 'ipfwadm -I -p deny'). Then permit
>only explicit ports like port 80 to IP address 1.2.3.4 (something like
>this):
>
>ipfwadm -I -a accept -b -P tcp -S 0.0.0.0/0 1024:65535 -D 1.2.3.4 80

Additionally, I usually have a "last rule" that denies _and_ _logs_
everything going on. That way, I get detailed logs and can have
additional rules allowing what I need and denying (without logging
this time) everything that can't hurt me.

If something unusual or unexpected happens, I get logs.

Greetings
Marc

-- 
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber          |   " Questions are the         | Mail address in header
Karlsruhe, Germany  |     Beginning of Wisdom "     | Fon: *49 721 966 32 15
Nordisch by Nature  | Lt. Worf, TNG "Rightful Heir" | Fax: *49 721 966 31 29
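
The rule ordering described in this thread, modelled as a small first-match filter; this is an added example, not code from either poster. The silently denied NetBIOS ports and all sample packets are assumptions made for illustration, and only the inbound direction is modelled.

```python
# Added illustration: a first-match packet filter modelling the rule order
# discussed above. All addresses, ports and packets are constructed samples.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:
    action: str                    # "accept" or "deny"
    proto: str                     # "tcp", "udp" or "any"
    src: str = "0.0.0.0/0"
    sports: tuple = (0, 65535)
    dst: str = "0.0.0.0/0"
    dports: tuple = (0, 65535)
    log: bool = False

    def matches(self, pkt):
        proto, src, sport, dst, dport = pkt
        return (self.proto in ("any", proto)
                and ip_address(src) in ip_network(self.src)
                and self.sports[0] <= sport <= self.sports[1]
                and ip_address(dst) in ip_network(self.dst)
                and self.dports[0] <= dport <= self.dports[1])

RULES = [
    # 1. Explicit permit: clients on unprivileged ports to the web server.
    Rule("accept", "tcp", sports=(1024, 65535), dst="1.2.3.4/32", dports=(80, 80)),
    # 2. Known, harmless noise: deny without logging (assumed example: NetBIOS).
    Rule("deny", "udp", dports=(137, 138)),
    # 3. Last rule: deny and log whatever nothing above matched.
    Rule("deny", "any", log=True),
]

def filter_packets(packets, rules=RULES):
    """Return (verdicts, log); the first matching rule decides each packet."""
    verdicts, log = [], []
    for pkt in packets:
        rule = next((r for r in rules if r.matches(pkt)), None)
        action = rule.action if rule else "deny"   # default policy: deny
        verdicts.append(action)
        if rule and rule.log:
            log.append(pkt)
    return verdicts, log

PACKETS = [  # constructed: (proto, src, sport, dst, dport)
    ("tcp", "198.51.100.7", 40000, "1.2.3.4", 80),
    ("udp", "198.51.100.9", 137, "1.2.3.4", 137),
    ("tcp", "203.0.113.5", 31337, "1.2.3.4", 23),
    ("tcp", "203.0.113.5", 80, "1.2.3.4", 80),
]

if __name__ == "__main__":
    print(filter_packets(PACKETS))
```

Placing the logging catch-all ahead of the silent deny would put the NetBIOS packet in the log as well, which is why the quiet rules come first.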