Hi,
I setup policy file in this way:
#SOURCE DEST POLICY LOGLEVEL RATE CONNLIMIT
$FW net ACCEPT
net all DROP info
all net DROP info
# The FOLLOWING POLICY MUST BE LAST
all all DROP info
and the rules file:
#ACTION SOURCE DEST PROTO DEST SOURCE
ORIGINAL RATE USER/ MARK CONNLIMIT
TIME$
# PORT
PORT(S) DEST LIMIT GROUP
?SECTION ALL
?SECTION ESTABLISHED
?SECTION RELATED
?SECTION INVALID
?SECTION UNTRACKED
?SECTION NEW
# Drop packets in the INVALID state
Invalid(DROP) net $FW tcp
# Drop Ping from the "bad" net zone.. and prevent your log from being
flooded..
Ping(DROP) net $FW
# Permit all ICMP traffic FROM the firewall TO the net zone
ACCEPT $FW net icmp
Supposedly I thought that this way I could not have any kind of
internet connection, but I still maintain the connection, ¿Why happend
this?. Of course I do this to test.
Thanks in advance
"Roberto C. Sánchez" <robe...@connexer.com> escribió:
On Fri, May 15, 2020 at 05:32:31PM -0400,
merlinverde...@infomed.sld.cu wrote:
Hi,
I only have a pc, with this pc (desktop) I connect to the internet. Where
can I find a guide to configure Shorewall in this scenario?
Thanks
This article was written for Shorewall 4.4, but for a simple setup it
should still apply.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
--
Este mensaje le ha llegado mediante el servicio de correo electronico que
ofrece Infomed para respaldar el cumplimiento de las misiones del Sistema
Nacional de Salud. La persona que envia este correo asume el compromiso de usar
el servicio a tales fines y cumplir con las regulaciones establecidas
Infomed: http://www.sld.cu/
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users