[328] in linux-net channel archive
ipfwadm rules
daemon@ATHENA.MIT.EDU (Aleph One)
Tue May 16 15:28:30 1995
Date: Tue, 16 May 1995 13:23:45 -0500 (CDT)
From: Aleph One <aleph1@dfw.net>
To: linux-net@vger.rutgers.edu
Could someone that has some experience with ipfwadm take a look at these rules
and tell me what they think. I will be implementing them later today but
would like some feedback before that. Also some examples of its use for
IP accounting would be nice.
# Protect ourselves.
# 1. Stop all traffic coming for us.
# Only way to modify the firewall is from the console.
ipfwadm -B -a deny -P all -S 0.0.0.0
# Protect the network.
# 1. Stop IP spoofing attacks.
# 2. Stop all traffic coming to our net to privileged ports.
# But allow all our traffic to go out.
# 3. Stop all traffic coming to our net to nfsd, and X windows.
# 4. Allow the services we want.
ipfwadm -F -a deny -P all -S <netip>/<netmask> -D <netip>/<netmask> -I <remifip>
ipfwadm -F -a deny -P all -D <netip>/<netmask> 1-1024 -I <remifip>
ipfwadm -F -a deny -P all -D <netip>/<netmask> 2049 6000
ipfwadm -F -a allow -P tcp -D <webserver> 80
ipfwadm -F -a allow -P tcp -D <smtpserver> 25
ipfwadm -F -a allow -P tcp -D <dnsserver> 42
Aleph One / aleph1@dfw.net
http://underground.org/
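
An added example, not part of the original post: a small model for checking what a rule list like the one above decides for a given packet, and how the order of the forwarding rules changes the outcome. It assumes the list is scanned top to bottom with the first matching rule deciding and a default of allow (neither is stated in the post); the addresses are constructed stand-ins for the post's placeholders.

```python
import ipaddress

# Constructed stand-ins for the post's placeholders (assumptions, documentation ranges).
NET = ipaddress.ip_network("192.0.2.0/24")            # <netip>/<netmask>
REMIF = "198.51.100.1"                                # <remifip>
WEB, SMTP, DNS = "192.0.2.10", "192.0.2.25", "192.0.2.53"
ANY = ipaddress.ip_network("0.0.0.0/0")

def host(ip):
    return ipaddress.ip_network(ip + "/32")

# (policy, proto, src, dst, dst_ports, iface), in the order the post appends them.
RULES = [
    ("deny", "all", NET, NET, None, REMIF),
    ("deny", "all", ANY, NET, [(1, 1024)], REMIF),
    ("deny", "all", ANY, NET, [(2049, 2049), (6000, 6000)], None),
    ("allow", "tcp", ANY, host(WEB), [(80, 80)], None),
    ("allow", "tcp", ANY, host(SMTP), [(25, 25)], None),
    ("allow", "tcp", ANY, host(DNS), [(42, 42)], None),
]
# Alternative order: anti-spoofing first, then the allows, then the port denies.
REORDERED = [RULES[0], RULES[3], RULES[4], RULES[5], RULES[1], RULES[2]]

def matches(rule, pkt):
    _, proto, src, dst, ports, iface = rule
    return (proto in ("all", pkt["proto"])
            and ipaddress.ip_address(pkt["src"]) in src
            and ipaddress.ip_address(pkt["dst"]) in dst
            and (ports is None or any(lo <= pkt["dport"] <= hi for lo, hi in ports))
            and (iface is None or iface == pkt["iface"]))

def decide(pkt, rules=RULES, default="allow"):
    """First matching rule wins; return (policy, rule index) or (default, None)."""
    for i, rule in enumerate(rules):
        if matches(rule, pkt):
            return rule[0], i
    return default, None

# Constructed test packets arriving on the remote interface.
WEB_REQ = {"proto": "tcp", "src": "203.0.113.7", "dst": WEB, "dport": 80, "iface": REMIF}
SPOOFED = dict(WEB_REQ, src="192.0.2.50")
TELNET = dict(WEB_REQ, dport=23)

if __name__ == "__main__":
    for name, pkt in [("web", WEB_REQ), ("spoofed", SPOOFED), ("telnet", TELNET)]:
        print(name, "as posted:", decide(pkt), "reordered:", decide(pkt, REORDERED))
```

Under the first-match assumption, an outside request to the web server on port 80 is caught by the 1-1024 deny before it reaches the allow rule; in the reordered list it is allowed while spoofed and telnet packets are still denied.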