is my iptables/firewall good?
PringlesO
n00b
Joined: 06 Oct 2005
Posts: 1

Posted: Sat Jun 03, 2006 1:28 pm    Post subject: is my iptables/firewall good?

Hello, I know this is a Gentoo forum, and being a Gentoo user myself, I have confidence that this community is knowledgeable.

I currently have dedicated hosting and I'm running a Fedora Core 5 box. I set up iptables through Webmin because I just don't get iptables, and reading a 10-page manual on how to use it is a little daunting.

Here are the rules that I have set up through Webmin:

http://random-m.com/images/1845931169_firewall.JPG (image link)
Code:

    #   Action   Condition
    1   Accept   If input interface is not eth0
    2   Accept   If protocol is TCP and TCP flags ACK (of ACK) are set
    3   Accept   If state of connection is ESTABLISHED
    4   Accept   If state of connection is RELATED
    5   Accept   If protocol is UDP and destination port is 1024:65535 and source port is 53
    6   Accept   If protocol is ICMP and ICMP type is echo-reply
    7   Accept   If protocol is ICMP and ICMP type is destination-unreachable
    8   Accept   If protocol is ICMP and ICMP type is source-quench
    9   Accept   If protocol is ICMP and ICMP type is time-exceeded
   10   Accept   If protocol is ICMP and ICMP type is parameter-problem
   11   Accept   If protocol is TCP and destination port is 6666
   12   Accept   If protocol is TCP and destination port is auth
   13   Accept   If protocol is TCP and destination port is 80
   14   Accept   If protocol is TCP and destination port is 10000
   15   Accept   If protocol is TCP and destination port is 10001:49300

I don't even know what rule 5 is for.

The last 5 rules have been entered manually.

Should my firewall be locked down even more?
thpani
Tux's lil' helper
Joined: 20 Mar 2006
Posts: 144
Location: Tulln, Austria

Posted: Sat Jun 03, 2006 3:19 pm

Rule 5 allows DNS (however, that should allow TCP on port 53 too).
The decision whether to filter ICMP or not is up to you.

However, you have opened ports 10000-49300.
I'm not familiar w/ Webmin, so I can't tell if they belong to inbound or outbound traffic (maybe you can?). If they belong to inbound traffic, you should delete the last two rules. However, to have full control I strictly recommend reading http://www.netfilter.org/documentation/HOWTO//packet-filtering-HOWTO.html and configuring netfilter from the command line, which is really easy and will give you much more control of what you're doing.
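To make the "configure netfilter from the command line" advice concrete, here is a tightened version of the table above written as plain iptables commands. This is an added example, not code from either poster or from Webmin. It runs in dry-run mode and only prints the commands; set APPLY=1 to execute them. Assumptions: eth0 is the public interface (as in the table), ADMIN_NET is a placeholder for the network the Webmin port should be reachable from, and the services are only those listed on the page. Connection tracking (ESTABLISHED,RELATED) replaces both the bare "ACK flag set" rule and the "source port 53" rule: a rule that accepts any TCP packet with ACK set lets unsolicited packets through, while conntrack only admits replies to connections this host opened, and it covers DNS answers over UDP and TCP alike. Source-quench is left out because that ICMP type is deprecated, and the 10001:49300 range is omitted because nothing on the page says what listens there.

```shell
#!/bin/sh
# Added example: emit (or apply) a default-deny INPUT ruleset for the host above.
# Dry-run by default; APPLY=1 executes the iptables commands instead of printing them.

IPT="${IPT:-iptables}"
PUB_IF="${PUB_IF:-eth0}"                     # public interface, as in the Webmin table
ADMIN_NET="${ADMIN_NET:-203.0.113.0/24}"     # PLACEHOLDER (RFC 5737 range): set to your admin network
PUBLIC_TCP="${PUBLIC_TCP:-80 6666}"          # TCP services from the table that should stay public

# rule: print the command in dry-run mode, run it when APPLY=1
rule() {
    if [ "${APPLY:-0}" = "1" ]; then
        "$IPT" "$@"
    else
        echo "$IPT $*"
    fi
}

gen_rules() {
    # Default policy DROP, then start from an empty INPUT chain
    rule -P INPUT DROP
    rule -F INPUT

    # Traffic not arriving on the public interface (loopback, etc.)
    rule -A INPUT ! -i "$PUB_IF" -j ACCEPT

    # Replies to connections this host opened; this covers DNS answers on UDP and TCP,
    # so no separate "source port 53" rule and no bare ACK-flag rule are needed
    rule -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

    # Packets conntrack cannot associate with any connection
    rule -A INPUT -m state --state INVALID -j DROP

    # ICMP error/reply types needed for working path MTU discovery and traceroute
    for t in echo-reply destination-unreachable time-exceeded parameter-problem; do
        rule -A INPUT -p icmp --icmp-type "$t" -j ACCEPT
    done

    # Public TCP services: one explicit rule per listening port
    for p in $PUBLIC_TCP; do
        rule -A INPUT -p tcp --dport "$p" -m state --state NEW -j ACCEPT
    done

    # Webmin (10000) only from the admin network
    rule -A INPUT -p tcp --dport 10000 -s "$ADMIN_NET" -m state --state NEW -j ACCEPT

    # ident/auth (113): reject with a reset so remote mail/IRC servers do not wait for a timeout
    rule -A INPUT -p tcp --dport 113 -j REJECT --reject-with tcp-reset

    # Log a sample of what the DROP policy is about to discard
    rule -A INPUT -m limit --limit 5/min -j LOG --log-prefix "INPUT-DROP:"
}

gen_rules
```

Run it once without APPLY to read the generated rules, add a NEW-state rule for every service that is really listening (an SSH rule, for instance, is not in the table and is not added here), and only then run it with APPLY=1 from a session you can recover, since the policy change drops everything not explicitly accepted.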