Re: [Shorewall-users] Only a desktop computer

Sat, 16 May 2020 03:45:27 -0700 

Hi,

I setup policy file in this way:

#SOURCE DEST            POLICY          LOGLEVEL        RATE    CONNLIMIT
$FW     net             ACCEPT
net     all             DROP            info
all     net             DROP            info
# The FOLLOWING POLICY MUST BE LAST
all     all             DROP            info

and the rules file:
#ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ MARK CONNLIMIT TIME$ # PORT PORT(S) DEST LIMIT GROUP 
?SECTION ALL
?SECTION ESTABLISHED
?SECTION RELATED
?SECTION INVALID
?SECTION UNTRACKED
?SECTION NEW

# Drop packets in the INVALID state

Invalid(DROP)  net              $FW             tcp
# Drop Ping from the "bad" net zone.. and prevent your log from being flooded.. 

Ping(DROP)      net             $FW

# Permit all ICMP traffic FROM the firewall TO the net zone

ACCEPT          $FW             net             icmp
Supposedly I thought that this way I could not have any kind of internet connection, but I still maintain the connection, ¿Why happend this?. Of course I do this to test. 


Thanks in advance




"Roberto C. Sánchez" <robe...@connexer.com> escribió:
On Fri, May 15, 2020 at 05:32:31PM -0400, merlinverde...@infomed.sld.cu wrote: 
Hi,
I only have a pc, with this pc (desktop) I connect to the internet. Where
can I find a guide to configure Shorewall in this scenario?
Thanks


This article was written for Shorewall 4.4, but for a simple setup it
should still apply.

Regards,

-Roberto

--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com


_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users





----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.



--
Este mensaje le ha llegado mediante el servicio de correo electronico que 
ofrece Infomed para respaldar el cumplimiento de las misiones del Sistema 
Nacional de Salud. La persona que envia este correo asume el compromiso de usar 
el servicio a tales fines y cumplir con las regulaciones establecidas

Infomed: http://www.sld.cu/



_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to